Overview
Security Engineer – Infrastructure Jobs in City of Cape Town, Western Cape, South Africa at (various)
Title: Security Engineer – Infrastructure
Company: (various)
Location: City of Cape Town, Western Cape, South Africa
The Senior Infrastructure Security Engineer will serve as a technical leader and guide as needed on technical efforts initiated by the Cybersecurity, Infrastructure, and Operations teams and projects outside of Security.
This role will focus on Infrastructure Security, Identity and Access Management, Cloud Security, and Network Security. The position requires a deep understanding of AD security, firewall management, network security, and operating system security, as well as threat detection, response, and mitigation.
Permanent, Cape Town based
Qualifications
Matric
Bachelor’s degree in Computer Science, Information Technology, or a related field. Equivalent experience may be considered
Certifications such as CISSP, CISM, Microsoft Certified: Identity and Access Administrator Associate, or similar
Responsibilties
Active Directory Security Management
Design and manage security configurations for AD environments, including multi-domain forests
Perform regular security assessments and audits of AD infrastructure
Develop and enforce security policies related to AD, including password policies, account lockout policies, and privileged access management
Identity and Access Management (IAM)
Manage the lifecycle of AD accounts, groups, and organisational units (OUs)
Implement and manage Role-Based Access Control (RBAC) and least privilege access models
Incident Response and Threat Mitigation
Coordinate technical response during investigations into infrastructure security-related security incidents, including unauthorised access, privilege escalation, and breaches (primary point of contact for the CSIRT)
Develop and maintain incident response playbooks related to AD, firewalls, and VPN
Collaborate with the Security Operations Center (SOC) to detect and respond to AD and other infrastructure threats.
Implement measures to protect AD against common threats like Pass-the-Hash, Golden Ticket attacks, and Kerberoasting
Infrastructure ManImplement
Implwmwnr disaster recovery solutions for AD, including backup and restore processes
Plan and coordinate lifecycle and capacity management of the SIEM service (software version upgrades, hardware upgrades and migrations, deployment of new infrastructure)
Ensuring compliance with regulatory standards, industry best practices, and company policies and standards
Collaboration and Communication:
Work closely with cybersecurity, compliance, architecture, and infrastructure & operations teams to align infrastructure security with overall organisational goals
Provide technical leadership and mentoring to junior engineers and other IT staff.
Prepare and present reports on AD security posture to senior management and stakeholders
Timely and accurate communication of project status reports, risks and issues to key stakeholders
Represent team as senior technical subject matter expert and key decision maker in project meetings and activities; function as a member of the extended central Cyber Security team during weekly progress meetings, ISO Forums; and participate in the annual strategic planning of the central Cyber Security Team
Contribute to both Cybersecurity and Infrastructure & Operations roadmaps and overviews to key stakeholders and internal customers
Management and oversight of 3rd party consultants assigned to specific projects
Manage SIEM service provider
Coordinate technical efforts in support of new initiatives to improve Cyber resilience in the groupagement: