Cloud Security Engineer

Contract

An Intermediate Cloud Security Engineer plays a crucial role in safeguarding Old Mutuals cloud infrastructure and data. This position requires a blend of technical expertise, security knowledge, and problem-solving skills to implement and maintain security protocols in cloud environments.

DESCRIBE THE MAIN ACTIVITIES OF THE JOB (DESCRIPTION)

• Conduct threat analysis on cloud environments.
• Uses data collected from a variety of agnostic and native cloud security and application security tools (e.g., Cloud Security Posture Management, Web Application Firewalls, API Compliance, Static Code Analysis Tools, Source Composition Analysis tools, Data Security Posture Management) to analyze events that occur within production and non-production environments for the purposes of mitigating threats and improving compliance.
• Maintain and update the multi-cloud security standards assessments for the organization.
• Define and implement cyber security threat use cases.
• Coordinates with the SOC teams by offering the necessary functional guidance for avoiding malicious activities
• Is a key resource during cyber incident response
• Supports the team with research and source analysis
• Offer all the necessary support to cyber security initiative through predictive and reactive analysis
• Works with customers, vendors and internal resources for problem resolution and security advisories
• Must articulate the emerging cloud security trends to the security operations centre team members
• Leverages industry best practices and standards for improvements and optimization, such as NIST and CIS, as well as cloud specific standards such as the AWS Best Practices Framework for Security and Microsoft Azure Security Benchmark.
• Provides technical advice and consultation to the business.
• Acquires and applies knowledge of business processes, procedures, policies and practices.
• Communicates effectively regarding cloud security related activities.
• Participates in systems handover process.
• Participates in software and/or hardware upgrades.
• Adds assets to the Web Application Firewall for Layer 7 protection.
• Refines Firewall rulesets

MINIMUM QUALIFICATIONS/EXPERIENCE (REQUIRED FOR THE JOB)

• Matric
• Relevant diploma or degree in technology or business-related field
• 3 or more years of experience as a Cloud Security Analyst/Engineer
• AWS Security Speciality
• AWS Cloud Practitioner
• AWS Solutions Architect
• Experience with cloud security assessments, cloud-native security controls, risk assessment, web application firewalls, information gathering, and reporting.

ADDITIONAL QUALIFICATIONS/EXPERIENCE (PREFERRED, NOT A REQUIREMENT)

• Certified Cloud Security Professional (CCSP) from ISC2
• Postgraduate degree in technology
• Intermediate or Advanced API Security knowledge (Using Burp Suite, or other app sec tools)
• Certified Ethical Hacker, or equivalent course
• CompTIA Security+

COMPETENCIES REQUIRED

• Critical thinking/problem-solving
• Oral/written communication
• Teamwork/ collaboration
• Strong security research skills