Cloud Security Engineer

Contract - 6months (extendable)

An Intermediate Cloud Security Engineer plays a crucial role in safeguarding Old Mutuals cloud infrastructure and data. This position requires a blend of technical expertise, security knowledge, and problem-solving skills to implement and maintain security protocols in cloud environments.

DESCRIBE THE MAIN ACTIVITIES OF THE JOB (DESCRIPTION)

Conduct threat analysis on cloud environments.

Uses data collected from a variety of agnostic and native cloud security and application security tools (e.g., Cloud Security Posture Management, Web Application Firewalls, API Compliance, Static Code Analysis Tools, Source Composition Analysis tools, Data Security Posture Management) to analyze events that occur within production and non-production environments for the purposes of mitigating threats and improving compliance.

Maintain and update the multi-cloud security standards assessments for the organization.

Define and implement cyber security threat use cases.

Coordinates with the SOC teams by offering the necessary functional guidance for avoiding malicious activities

Is a key resource during cyber incident response

Supports the team with research and source analysis

Offer all the necessary support to cyber security initiative through predictive and reactive analysis

Works with customers, vendors and internal resources for problem resolution and security advisories

Must articulate the emerging cloud security trends to the security operations centre team members

Leverages industry best practices and standards for improvements and optimization, such as NIST and CIS, as well as cloud specific standards such as the AWS Best Practices Framework for Security and Microsoft Azure Security Benchmark.

Provides technical advice and consultation to the business.

Acquires and applies knowledge of business processes, procedures, policies and practices.

Communicates effectively regarding cloud security related activities.

Participates in systems handover process.

Participates in software and / or hardware upgrades.

Adds assets to the Web Application Firewall for Layer 7 protection.

Refines Firewall rulesets

MINIMUM QUALIFICATIONS / EXPERIENCE (REQUIRED FOR THE JOB)

Matric

Relevant diploma or degree in technology or business-related field

3 or more years of experience as a Cloud Security Analyst / Engineer

AWS Security Speciality

AWS Cloud Practitioner

AWS Solutions Architect

Experience with cloud security assessments, cloud-native security controls, risk assessment, web application firewalls, information gathering, and reporting.

ADDITIONAL QUALIFICATIONS / EXPERIENCE (PREFERRED, NOT A REQUIREMENT)

Certified Cloud Security Professional (CCSP) from ISC2

Postgraduate degree in technology

Intermediate or Advanced API Security knowledge (Using Burp Suite, or other app sec tools)

Certified Ethical Hacker, or equivalent course

CompTIA Security+

COMPETENCIES REQUIRED

Critical thinking / problem-solving

Oral / written communication

Teamwork / collaboration

Strong security research skills