In order to be considered the following is required:

• 5+ years’ experience in Cyber Security and Cloud Security environments.
• Proven experience in:

1. Cloud security architecture
2. SIEM platforms
3. Identity & Access Management
4. Vulnerability & Patch Management
5. Incident Response
6. Security Automation & Infrastructure as Code

• Experience working within a security-focused organisation
• Exposure to project coordination or management is advantageous

Key Competencies:

• Strong analytical and investigative mindset.
• Advanced problem-solving capability.
• Strategic thinking with hands-on execution ability.
• Excellent stakeholder communication skills.
• Ability to operate in high-pressure security environments.
• Proactive, detail-oriented, and solutions-driven

Responsibilities:

Cloud Security Architecture & Engineering:

• Design, deploy, and manage enterprise-grade cloud-native security solutions
• Implement security controls across compute, network, storage, and identity layers
• Develop and maintain secure architecture standards and best practices
• Ensure infrastructure and security systems remain up-to-date and aligned with evolving threats and industry standards
• Implement DDoS protection, firewalling, network segmentation, encryption and key management solutions

Identity & Access Management (IAM):

• Architect and implement robust Identity and Access Management strategies
• Configure and manage:

1. Conditional Access frameworks
2. Privileged Access Management
3. Identity protection and monitoring
4. External identity integrations (B2B / B2C)

• Integrate identity systems with client environments
• Manage and recover directory services environments

DevSecOps & Security Automation:

• Drive DevSecOps maturity across development and operations teams
• Integrate security testing tools (SAST, DAST, SCA, IAST, secrets management) into CI/CD pipelines
• Develop automation scripts using PowerShell, Python and Bash
• Leverage Infrastructure as Code (e.g. Terraform, Bicep, ARM Templates or equivalent) to:

1. Automate security deployment
2. Enforce configuration management
3. Validate compliance
4. Enable remediation workflows

Threat Intelligence & Incident Response:

• Proactively monitor and investigate advanced threats using SIEM platforms and integrated threat intelligence feeds
• Lead and participate in security incident investigations and remediation efforts
• Investigate security alerts and escalate where required
• Optimise SOC alerting and monitoring frameworks
• Conduct root cause analysis and post-incident reporting

Risk & Vulnerability Management:

• Oversee vulnerability management across cloud infrastructure, container platforms and applications.
• Perform vulnerability scanning, patch management and remediation tracking
• Coordinate penetration testing engagements where required
• Define remediation strategies and ensure resolution timelines are met

Governance, Compliance & Security Strategy:

• Develop and maintain the organisation’s security roadmap and policies
• Design and enforce security controls aligned to:

1. POPIA
2. ISO 27001
3. Client regulatory and contractual requirements

• Conduct security audits and risk assessments.
• Develop and manage user awareness programmes, including phishing simulations
• Report on security posture and key risk metrics to stakeholders

Infrastructure & Network Security:

• Manage firewall configurations, rulesets, and secure remote access (VPN)
• Implement backup, replication, and disaster recovery strategies
• Ensure business continuity planning is in place and tested
• Monitor system performance and optimise security configurations

Leadership & Project Delivery:

• Act as a Security SME to development and operations teams
• Provide guidance on secure coding and threat modelling
• Contribute to cyber security and infrastructure projects
• Liaise with engineers and stakeholders to ensure successful project delivery
• Ensure projects are delivered on time, within scope, and within budget
• Produce high-quality security documentation and operational procedures

Information displayed above not limited to advertisement.

Please consider your application as unsuccessful if you have not received a response within 14 days of submitting your application.