SecOps Engineer - UMHLANGA

  • Full-time

Company Description

Minimum Experience:
5+ years working experience in an Information Technology environment
3+ years working experience in security operations or closely related field is a plus

Key Purpose:
The SecOps Engineer is responsible for ensuring the security and operational integrity of systems and data. You will identify and mitigate security vulnerabilities, monitor and respond to security incidents, and enforce compliance with industry standards. By implementing and maintaining robust security measures, the SecOps Engineer plays a critical role in safeguarding our organization against potential threats and ensuring a secure and resilient operational environment.

Job Description

Key Responsibilities:

  • Be part of a DevOps culture that emphasizes collaboration and communication with software developers and IT Operations while automating the process of software delivery and infrastructure changes
  • Develop and implement security policies, procedures, and standards to ensure the confidentiality, integrity, and availability of our systems and data.
  • Conduct security assessments, vulnerability scans, and penetration tests to identify and mitigate security risks.
  • Monitor and analyze security logs and alerts to detect and respond to security incidents in a timely manner.
  • Collaborate with cross-functional teams to design and implement security controls and solutions.
  • Perform regular security audits and assessments to ensure compliance with industry standards and regulations.
  • Provide guidance and support to development and operations teams on secure coding practices, system hardening, and configuration management.
  • Stay up to date with the latest security threats, vulnerabilities, and industry trends, and proactively recommend security enhancements and solutions.
  • Develop and maintain incident response plans and conduct incident response exercises to ensure readiness and effectiveness.
  • Participate in security incident investigations, root cause analysis, and remediation efforts.
  • Assist in the development and delivery of security awareness training and education programs for employees.
  • Ensure that quality documentation is completed and maintained where necessary.
  • Strong and committed drive to step up and take a leading role, the courage to challenge, and the drive to make a difference, with the ability to work both within a team and as an individual
  • Ability to communicate clearly and accurately via written and presented documentation
  • Embrace and adopt technology tools and protocols with enthusiasm
  • Support the company and department’s Agile practices and encourage continuous improvement and learning

The company has adopted a cloud-first approach when building new systems and has migrated a lot of its workloads to the cloud. The technology stack includes the following:

  • Cloud Infrastructure
      o AWS
      o Azure
      o Microsoft 365
          ▪ Exchange
          ▪ Defender
          ▪ Intune
          ▪ Office Tools
  • Operating Systems
      o Microsoft Windows Server 2012 and later
      o Ubuntu Linux 16.04 and later
  • Hardware
      o Arista Switches
      o Fortinet Firewalls
  • Software
      o Microsoft Enterprise Applications
          ▪ SQL Server
          ▪ Exchange
          ▪ ISA
          ▪ IIS
          ▪ SCCM
          ▪ Terminal Services
      o Open source technologies and software
          ▪ PostgreSQL
          ▪ Elasticsearch
          ▪ Logstash
          ▪ Kibana
          ▪ Grafana
          ▪ Rundeck
          ▪ Consul
          ▪ Prometheus

Qualifications

Minimum Requirements:

  • Matric
  • A BSc Computer Science, Electronic Engineering, a B. Comm Business Information Systems (BIS) Degree, or a very high quality Technikon Diploma. Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.
  • Proven experience in security operations, incident response, and vulnerability management.
  • Strong knowledge of security principles, best practices, and industry standards (e.g., NIST, ISO 27001).
  • Familiarity with security technologies such as firewalls, IDS/IPS, SIEM, endpoint protection, and network monitoring tools.
  • Experience with security assessment tools and techniques, such as vulnerability scanners and penetration testing frameworks.
  • Proficient in scripting and automation (e.g., Python, PowerShell) for security-related tasks.
  • Understanding of cloud security concepts and experience with cloud platforms (e.g., AWS, Azure, Microsoft 365) is desirable.
  • Excellent problem-solving and analytical skills, with the ability to prioritize and manage multiple tasks effectively.
  • Strong communication and collaboration skills to work effectively with cross-functional teams.
  • Attention to detail and a commitment to maintaining the highest standards of security.