Senior Security Engineer
  • South Africa Cape Town
  • BASHR Consulting
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

Exciting Opportunity for Security Engineer to join our clients team!!!

Required Experience

8 - 10 years’ work experience

5+ years in a similar role within an ICT organisation provision managed services

5-10 Years CCSE

5-10 Years FortiGate

2-5 Years CISSP

2-5 Years CCNA

3-5 Years Cylance / Crowdstrike EDR

3-5 Years Qualys

3-5 Years Nessus

5-10 Years ITL v3

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0024   Knowledge of database systems.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0028   Knowledge of organization's evaluation and validation requirements.
  • K0056   Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0200   Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0487   Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0516   Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0011   Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
  • K0057   Knowledge of network hardware devices and functions.
  • K0202   Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
Required Skills
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
  • S0076   Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • S0116   Skill in designing multi-level security/cross domain solutions.
  • S0138   Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
  • S0139   Skill in applying security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
  • S0168   Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
  • S0170   Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).
Required Abilities
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0038  Ability to optimize systems to meet enterprise performance requirements.
  • A0051  Ability to execute technology integration processes.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0172  Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).