Cyber Security Engineer (Stellenbosch)

We're on the lookout for energetic, self-motivated individuals who share our passion for service in the banking industry. To be part of the journey, follow the steps below:

1. To see what life at Capitec is all about and complete a short assessment, please click here!

2. Once you have completed the above, finalize your application by clicking apply below.

Purpose Statement

• To provide data security expertise to build out and maintain resilient, scalable, cost-effective and high-performing data security solutions that will assist Capitec to become the best bank in the world.

Who We Are

• We're a bank, but we're more than that too. We believe that banking is about people and that there's a simpler way to bank, and that by helping our clients better manage their financial lives, we enable them to live better.

Why Choose Us

• At Capitec, we offer our best by being a CEO in every situation - we always put the Client first, act with Energy, and take Ownership. Picture yourself in the heart of a dynamic, data-driven setting where you can harness the power of your experience to make a real impact.
• The ideal candidate will be responsible for ensuring the confidentiality, integrity, and availability of our organisation's data assets across various data states, including structured and unstructured data, data at rest, data in transition, and data in transaction.
• This role will involve designing, implementing, and maintaining data security solutions to protect against threats and vulnerabilities, along with deep knowledge of data security products and associated concepts.
• This role will enable the successful candidate to make business and innovative decisions, leveraging the agility of Cloud.

Qualifications (Minimum)

• A relevant tertiary qualification
• Grade 12 National Certificate / Vocational

Qualifications (Ideal or Preferred)

• A relevant tertiary qualification in AWS Foundation or Cloud Computing
• AWS Data/Security certification
• Bachelor's Degree in Information Technology or Engineering
• Relevant certifications such as CISSP, CISM, CISA, or other security-related certifications

Experience and Knowledge

• 5+ years in Infrastructure, Software Development, DevOps, or Security; OR 3+ years' design and implementation of highly available, enterprise-scale public Cloud infrastructure; OR 3+ years in AWS with a focus on either Data or Security or IAM.
• Design and hands-on troubleshooting background on AWS platform (Azure or GCP will be advantageous)
• Working in a DevOps environment
• Developing and supporting infrastructure and Cloud security capabilities for microservices-based architectures
• Working with CI/CD technologies (i.e., GitLab and GitHub)
• Authentication and Authorisation technologies and protocols (LDAP, Kerberos, AD, OAuth 2.0, OpenID Connect, SAML)
• Working with scripting and provisioning and IaC tools (like Terraform, Ansible, CloudFormation, etc.)
• Basic understanding of at least one high-level programming language (GoLang / .Net / Java / Python)
• Advanced scripting skills in at least one of the following: Bash / PowerShell
• Design and deployment of highly available, enterprise-scale cloud infrastructure
• Advanced knowledge of infrastructure concepts, technologies, and patterns; including SDLC and IaC principles
• Practical, working knowledge of:
• Developing and delivering systems on AWS platforms (Azure or GCP will be advantageous)
• Supporting and enhancing build and release processes through automation, using a combination of processes and existing tools
• Understanding of Cloud and data security technologies and best practices
• Understanding of networking in Cloud environments

Ideal Experience and Knowledge:

• 3+ years in AWS with a focus on data security
• Experience in a financial services or banking organisation
• Experience in infrastructure security
• Experience in engineering data and/or security log pipelines using Big Data technologies (such as Spark, Kafka, Hadoop, Storm, etc.)
• Experience with ELK, New Relic, or similar on public Cloud platforms
• Experience with Docker and Kubernetes
• Experience working in a fast-paced Agile/Scrum environment (Atlassian Stack)
• Experience working with various database technologies, SQL Server, MySQL, PostgreSQL, RedShift, Oracle, etc.
• Experience working with vault/secret platforms (i.e., HashiCorp)
• Previous experience in a DevOps role and incorporating security controls in the build process
• Demonstrated experience in designing, implementing, and managing data security solutions for structured and unstructured data
• Understanding of modern software engineering patterns; including those using in highly scalable, distributed, and resilient systems
• Ability to deliver long-term, repeatable IaC solutions that incorporate directly into an overall CI/CD process
• Knowledge of JSON templates, Powershell, CLIs, Shell, and Python
• Experience working with cross-functional teams and providing data security guidance to Developers and IT staff
• Familiarity with regulatory requirements and industry standards related to data protection

Skills

• Analytical Skills
• Communications Skills
• Planning, organising and coordination skills

Additional Skills

• Excellent written and verbal communication skills
• Cloud Data Security: Proficiency with securing data in Cloud environments (e.g., AWS, Azure, GCP)
• Data Security: Proficiency with securing Big Data platforms, and database systems - ensuring data integrity (e.g., Hadoop, Spark, MSSQL, Oracle)
• Data Masking and Obfuscation:
• Data masking and tokenisation tools and their integration
• Data obfuscation techniques to protect sensitive information
• Data Governance: Understanding of data governance frameworks and practices
• Data Privacy Regulations: Familiarity with POPIA, GDPR, or other data privacy regulations
• Data Encryption: Proficiency in data encryption techniques and technologies to safeguard structured and unstructured data
• Access Control: Expertise in managing user access, permissions, and identity management systems for data security
• Data Loss Prevention (DLP): Expertise in the management and administration of DLP solutions for monitoring and controlling data in transit and at rest
• Secure Data Transfer Protocols: Proficiency with secure protocols (like TLS / SSL) for data in transition
• Data Classification: Ability to classify data based on sensitivity, and to apply appropriate security measures
• Secure Logging and Auditing: Expertise in setting up comprehensive logs and audit trails for data access and changes

Conditions of Employment

• Clear criminal and credit record

Capitec is committed to diversity and, where feasible, all appointments will support the achievement of our employment equity goals.