About the position
Introduction
MANCOSA, a DHET registered and CHE accredited private higher education distance education provider, offering undergraduate and postgraduate business qualifications, has the following vacancy available
Duties & Responsibilities
CORE PURPOSE
The Security Engineer will be responsible for designing and overseeing the ongoing maintenance and management of the organization's security architecture, ensuring that it is aligned with global best practice (ISO27001, NIST or similar), business objectives, internal risk management strategies, and external regulatory compliance (POPIA, DHET, CHE among others).
This role requires developing secure infrastructures for both on-premises and cloud environments (AWS, Azure, Microsoft 365, Google). The Security Engineer will collaborate with cross functional teams to integrate security into all aspects of IT infrastructure, applications, web applications, mobile applications, and networks while ensuring that security controls are in place for effective threat management, incident response, and business continuity.
In addition to technical expertise, the Security Engineer will play a critical role in driving governance, risk management, and security frameworks. This includes conducting regular cybersecurity assessments (technical and otherwise), designing remediation plans based on findings, and ensuring the organization's security posture is continuously improved.
CORE FUNCTIONS INCLUDE:
1. Design & Implementation of Security Engineer
• Design and implementation of security architectures for cloud platforms (AWS, Microsoft 365, Azure) and on premises infrastructures.
• Ensure that all systems, applications (as above), and network environments are secure by design, integrating security controls into the entire lifecycle of infrastructure and application development (DevSecOps)
• Collaborate with DevOps, IT, and business teams to ensure security requirements are embedded in technical implementations.
2. Cloud Security
• Security of cloud environments, including Identity and Access Management (IAM), encryption, and cloud monitoring solutions.
• Provide guidance on best practices for securing cloud services, storage, and computing.
• Implement security tools and practices such as multifactor authentication (MFA), zero trust architecture, and data encryption for cloud platforms.
3. Governance, Risk, and Compliance (GRC)
• Develop and enforce security governance frameworks that align with industry best practices, regulatory requirements (POPIA), and internal risk management strategies.
• Ensure that security controls are compliant with regulatory requirements and that governance processes are in place for continuous monitoring.
• Collaborate with risk management teams to conduct risk assessments and prioritize mitigation efforts across the infrastructure.
• Collaboration with internal and external audit teams to remediate audit findings.
4. Security Assessments & Vulnerability Management
• Conduct regular security assessments, penetration testing, and vulnerability scanning across network, cloud, and application layers.
• Design and lead the remediation of vulnerabilities identified in assessments, ensuring alignment with broader security governance and risk management strategies.
• Continuously improve the security architecture based on assessments and evolving security threats.
5. SOC & SIEM Integration and Monitoring
• Management of SIEM (Security Information and Event Management) solutions that align with the overall security architecture.
• Ensure proper integration of monitoring tools to detect, analyse, and respond to security incidents in real time.
• Collaborate with the Security Operations Centre (SOC) to enhance incident detection, analysis, and response workflows.
• Develop period reports providing management with deep insights into the functioning of the Security Operations Centre
6. Security Policies and Procedures Development
• Development of security policies, standards, and procedures to support secure system architecture.
• Regularly review and update security policies to align with technological advancements and regulatory changes.
• Ensure that security procedures are well documented and integrated into daily operations and disaster recovery/business continuity plans.
7. Network Security & Data Protection
• Implement and management of network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint security solutions (EDR).
• Ensure strong encryption, data loss prevention (DLP) solutions, and secure data transmission protocols are in place to safeguard sensitive data.
• Collaborate with IT teams to ensure network segmentation, secure data flows, and access control measures.
8. Disaster Recovery & Business Continuity Planning
• Collaborate with DR/BC teams to ensure that security measures are fully integrated into business continuity and disaster recovery plans.
• Provide architectural oversight for systems and processes that support rapid recovery from cybersecurity incidents and natural disasters.
• Conduct periodic reviews and tests of disaster recovery and business continuity plans to ensure they meet security standards.
9. Incident Response Strategy & Oversight
• Develop and maintain incident response plans and playbooks, ensuring that they are aligned with the overall security architecture.
• Provide guidance and direction during major security incidents, ensuring timely response and minimal business disruption.
• Collaborate with the incident response team to improve processes and ensure lessons learned are integrated into future security strategies.
10. Emerging Technologies & Threat Intelligence
• Stay informed on emerging cybersecurity threats, trends, and technologies such as AI driven security, zero trust architectures, and quantum resistant encryption.
• Integrate advanced technologies into the security architecture to improve the organization's security posture.
• Utilize threat intelligence data to proactively adjust security controls and stay ahead of potential risks.
11. Third-party Risk Management
• Assess the security architecture of third-party vendors and partners to ensure they meet the organization's security requirements.
• Collaborate with the procurement and legal teams to enforce security standards for third party engagements.
• Design secure integration strategies for third party services, ensuring that vendor risks are managed effectively.
12. Insider Threat Management
• Design and implement strategies to detect and mitigate insider threats, including data loss prevention (DLP) measures.
• Integrate insider threat management with broader risk and compliance frameworks, ensuring that threats are addressed proactively.
13. User Awareness Training & Education
• Collaborate with the IT and HR departments to develop security training programs aimed at improving user awareness.
• Ensure that all employees, especially IT and development teams, understand and follow security best practices as part of their daily activities.
• Provide guidance on security aspects of emerging trends, such as social engineering and phishing attacks.
Skills & Qualifications
• Advanced knowledge of cloud platforms (AWS, Microsoft 365, Azure) and security controls, as well as network, infrastructure, and application security.
• Strong experience in designing and implementing security architectures for cloud, hybrid, and on-premises environments.
• in developing security governance frameworks, conducting risk assessments, and aligning security measures with business objectives and regulatory compliance (POPIA, GDPR).
• Handson experience in managing security incidents and leading incident response efforts, including the integration of security measures into DR/BC plans.
• Experience with SIEM systems, intrusion detection systems, endpoint detection and response (EDR), data loss prevention (DLP), and vulnerability management tools.
• Ability to communicate complex technical concepts to executive leadership, IT teams, and nontechnical stakeholders.
• Certifications (Preferred) CISSP, CCSP, AWS Certified Security, Microsoft Certified Security, Compliance, and Identity, or other related security certifications.
Desired Experience & Qualification
QUALIFICATION (S)
• Bachelor's degree in computer science, Information Technology, or related field.
• 5 years of experience in security architecture or a related cybersecurity role.
• Industry recognized certifications (e.g., CISSP, CCSP) preferred.
EXPERIENCE
• Strong problem-solving skills with the ability to assess complex security challenges and design practical solutions.
• Proactive mindset with a focus on continuous improvement of security controls and architecture.
• Excellent collaboration skills to work across departments and with external partners to ensure secure integrations and operations.
