My client is a top global financial services firm in private equity, looking for a motivated and self-directed Security Operations Engineer. You will work as part of a small global team with managed service providers and a 24 x 7 managed SOC, participating in operational security initiatives and helping develop standards. This role is highly technical and hands-on, requiring a broad understanding of technology along with extensive knowledge of security-specific technologies related to systems, infrastructure, Azure, M365, and business applications.
Responsibilities will include:
- Take responsibility for day-to-day operations within the operational security team, ensuring support tickets, tasks, and operational procedures are executed efficiently and effectively.
- Participate in the day-to-day operations of information security, covering areas such as incident investigation, monitoring and investigation of alerts from security tooling, escalation management from the managed SOC, and threat feed monitoring.
- Provide security posture inputs to ensure control requirements and technologies are being correctly applied.
- Provide support and escalation for operational security issues, actively participating in major incident response and minimizing any impact to the business.
- Configuration and operation of security tooling such as endpoint detection and response (EDR), secure web gateways, user and entity behavior analytics (UEBA), secure email gateways, privileged access management (PAM), and Single Sign-On (SSO).
- In conjunction with the technical teams, implement technical security standards, ensuring industry best practices are applied while considering the risk appetite and needs of the business.
- Providing technical security advice for projects and changes, including the design of technical controls, review of business process controls, and input into secure software development lifecycle standards.
- Contribute to technical security designs and provide technical policy authoring.
- Operation of incident management runbooks, including regular testing.
- Support ongoing awareness programs, including staff education, running regular phishing tests, and producing intranet announcements.
- Participation in the vulnerability management process, ensuring technical vulnerabilities are reviewed and working with our technical teams to ensure remediation is done in accordance with our standards.
- Work with technical and development teams to ensure that the implementation of our cloud services and technologies is secure.
- Research emerging threats and vulnerabilities to aid in the identification of incidents and support the creation of new architecture, policies, standards, and technologies to address them.
- Support investigations into compliance, policy, or data breaches as required.
- Monitor relevant information sources and information-sharing services to stay up to date on current attacks and trends.
Person Specification
They seek to hire individuals who are highly motivated, proactive, intelligent, and have demonstrated excellence in prior endeavors. The successful candidate should have:
- Strong technical expertise in security technologies and their application.
- Knowledge and experience of industry standards such as ISO/IEC 27001:2022 and how they might apply to the business.
- Desire to be part of a highly effective operational security function that is procedure-based and service-oriented.
- Good judgment, a sense of urgency, and a demonstrated commitment to high standards of ethics, regulatory compliance, customer service, and business integrity.
- Strong problem-solving and troubleshooting skills.
- Good understanding of data handling best practices and information management and governance.
- Knowledge of cross-border regulations and global data protection laws such as GDPR, and of the regulatory demands associated with working in a financial services business.
- An understanding of secure software development lifecycles and applying these in a DevSecOps environment.
- Experience of working with security incident response plans and ensuring those are fit for purpose.
- Experience working with technical teams responsible for implementing security technology.
- Experience with security monitoring, detection, prevention, and control systems.
- Ability to stay current with tactics, techniques, and procedures adopted by various threat actors and the mechanisms to mitigate these.
- Ability to dig into details as well as analyze data from a high-level view.
- Microsoft or SANS Security certifications.
- Knowledge of Azure, M365, the OWASP Top 10, the SANS Top 20 (now maintained as the CIS Critical Security Controls), the MITRE ATT&CK framework, etc.
Personal Characteristics
The successful candidate should demonstrate the following personal characteristics:
- Excellent written, verbal, and interpersonal communication skills.
- Effective at building long-lasting partnerships and working relationships.
- Effective influencing and negotiation skills.
- Highly self-motivated, self-directed, and attentive to detail.
- Happy working with a distributed remote team.
- Collaborative and inclusive approach to working with colleagues.
About the job
Contract Type: Full-time
Focus: IT Security
Workplace Type: Hybrid
Location: Cape Town
Specialism: Technology & Digital
Industry: Financial Services
Salary: 10% - 30%
Job Reference: OXPYOF-8841239F
Date posted: 17 February 2025
Consultant: Tafadzwa Chakaodza
Come join our global team of creative thinkers, problem solvers, and game changers. We offer accelerated career progression, a dynamic culture, and expert training.