Cyber Security Engineer
Job description
To provide cloud security expertise to build out and maintain resilient, scalable, cost effective and high performing Cloud solutions.
Requirements:
- Design and deployment of highly available, enterprise-scale Cloud infrastructure.
- Advanced knowledge of infrastructure concepts, technologies and patterns (SDLC, IaC).
- Developing and delivering systems on AWS Platforms (Azure or GCP will be advantageous).
- Supporting and enhancing build and release processes through automation using a combination of processes and existing tools.
- Understanding of Cloud Security technologies and best practices.
- Understanding of Networking in Cloud environments.
- Experience in a DevOps role and incorporating security controls in the build process.
- Experience in engineering data and/or security log pipelines using Big Data technologies such as Spark, Kafka, Hadoop, Storm, etc.
- Demonstrated experience in designing, implementing, and managing data security solutions for structured and unstructured data.
- Understanding of modern software engineering patterns, including those used in highly scalable, distributed, and resilient systems.
- Ability to deliver long-term, repeatable IaC solutions that incorporate directly into an overall CI/CD process.
- Knowledge of JSON templates, PowerShell, CLI’s, Shell, Python.
- Experience working with cross-functional teams and providing data security guidance to developers and IT staff.
- Familiarity with regulatory requirements and industry standards related to data protection.
- Knowledge of data masking and tokenization tools and their integration.
- Knowledge of data obfuscation techniques to protect sensitive information.
- Data Governance: Understanding of data governance frameworks and practices.
- Data Privacy Regulations: Familiarity with POPIA, GDPR or other data privacy regulations.
- Data Encryption: Proficiency in data encryption techniques and technologies to safeguard structured and unstructured data.
- Access Control: Expertise in managing user access, permissions, and identity management systems for data security.
- Data Loss Prevention (DLP): Implementation and management of DLP solutions for monitoring and controlling data in transit and at rest.
- Secure Data Transfer Protocols: Understanding of secure protocols like TLS/SSL for data in transition.
- Data Classification: Ability to classify data based on sensitivity and apply appropriate security measures.
- Secure Logging and Auditing: Setting up comprehensive logs and audit trails for data access and changes.
Experience:
- 7+ years’ experience in Infrastructure, Software Development, DevOps or Security.
- 4+ years design and implementation of highly available, enterprise-scale public Cloud infrastructure.
- 4 years in AWS with focus on Data, Security & IAM.
- Experience in introducing cloud security technology (start-up) in an environment – processes, principles etc.
- Design and hands-on troubleshooting background on AWS Platform (Azure or GCP will be advantageous).
- Experience working in a DevOps environment.
- Experience developing and supporting infrastructure and cloud security capabilities for microservices-based architectures.
- Experience working with CI/CD technologies, e.g., GitLab and GitHub.
- Experience with authentication and authorization technologies and protocols (LDAP, Kerberos, AD, OAuth 2.0, OpenID Connect, SAML).
- Experience working with scripting and provisioning and IaC tools like Terraform, Ansible, CloudFormation or equivalent.
Skills:
- 5 years in AWS with focus on Networking.
- Experience in a financial services or banking organisation.
- Infrastructure security.
- Basic understanding of at least one high-level programming language (GoLang / .NET / Java / Python).
- Advanced scripting skills in at least one interpreted language (Bash/PowerShell).
- Experience in engineering data pipelines using Big Data technologies such as Spark, Kafka, Hadoop, Storm, etc.
- Experience with ELK, New Relic or similar on Public Cloud Platforms.
- Experience with Docker and Kubernetes, EKS.
- Experience working in a fast-paced Agile/Scrum environment (Atlassian Stack).
- Experience working with various Database technologies, SQL Server, MySQL, PostgreSQL, RedShift, Oracle, etc.
- Experience working with Vault/Secret platforms, e.g., Hashicorp.