Cloud and DevSecOps Security Analyst
  • South Africa Bellville
  • Sanlam
1 year before
31.12.2023
Securely Provision
Risk Management
Job Description

Sanlam Group Technology is responsible for providing a digitally enabled technology service as a group COE, driving business and transformation, and providing group-wide digital and data architecture. We operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Sanlam.


What will you do?


The role is operational in nature and focuses on processing and responding to alerts generated by the Cloud Security, SaaS Security, and DevSecOps Tooling. The incumbent will work closely with the Blue Team to ensure that alerts and incidents are correctly handled.


What will make you successful in this role?


Maintain a working knowledge of the current cloud security environment and industry trends to identify security control issues or areas of improvement and communicate this information to management.
Work with technical teams to ensure that the security configuration of SaaS solutions like O365 is implemented correctly according to established baselines.
Handling of alerts/incidents identified by the SaaS Security Tooling in close collaboration with the CSIRT/Blue Team, Business Information Security Officers (BISOs), and End-user Computing (EUC) team.
Handling of alerts/incidents identified by Cloud Security Tooling in close collaboration with the CSIRT/Blue Team.
Onboarding, development, and monitoring of DevSecOps controls within the application development environments of SGT client businesses (through BISOs and application development teams).
Provide regular feedback and reporting on alerts/incidents identified by Cloud Security, SaaS Security, and DevSecOps Tooling.
Identify and implement areas of improvement and automation possibilities for Cloud Security, SaaS Security, and DevSecOps Tooling.


Qualifications


Qualifications and Experience


Matric
Bachelor’s degree in computer science, informatics, or engineering.
AWS and Azure certifications recommended, specifically in the security competency.


Experience


2 to 3 years of experience in an information security operation role (Blue team or SecOps team).
A minimum of 1 year of experience and exposure to the public cloud (AWS/Azure) and a demonstrated ability to learn new technology including associated security risks and controls.
Exposure to application security concepts and software development experience will be advantageous.


Knowledge And Skills


Security Auditing


Risk management


Incident Investigation


Reporting and Administration


Security tools monitoring


Personal Attributes


Interpersonal savvy - Contributing independently


Decision quality - Contributing independently


Plans and aligns - Contributing independently


Optimises work processes - Contributing independently


Build a successful career with us


We’re all about building strong, lasting relationships with our employees. We know that you have hopes for your future – your career, your personal development and of achieving great things. We pride ourselves in helping our employees to realise their worth. Through its four business clusters – Sanlam Life and Savings, Sanlam Investment Group, Sanlam Emerging Markets, Santam, as well as MiWay and the Group Office – the group provides many opportunities for growth and development.


Core Competencies


Cultivates innovation - Contributing independently


Customer focus - Contributing independently


Drives results - Contributing independently


Collaborates - Contributing independently


Being resilient - Contributing independently


Turnaround time


The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers.


Our commitment to transformation


The Sanlam Group is committed to achieving transformation and embraces diversity. This commitment is what drives us to achieve a diverse, inclusive and equitable workplace as we believe that these are key components to ensuring a thriving and sustainable business in South Africa. The Group's Employment Equity plan and targets will be considered as part of the selection process.



Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0048   Knowledge of Risk Management Framework (RMF) requirements.
  • K0054   Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • K0126   Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
  • K0169   Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • K0202   Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • K0263   Knowledge of information technology (IT) risk management policies, requirements, and procedures.
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0214   Knowledge of the Risk Management Framework Assessment Methodology.
  • K0264   Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
  • K0276   Knowledge of security management.
  • K0297   Knowledge of countermeasure design for identified security risks.

Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0115   Skill in preparing Test & Evaluation reports.
  • S0136   Skill in network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • S0141   Skill in assessing security systems designs.
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0171   Skill in performing impact/risk assessments.
  • S0254   Skill in providing analysis to aid writing phased after action reports.
  • S0022   Skill in designing countermeasures to identified security risks.
  • S0085   Skill in conducting audits or reviews of technical systems.

Required Abilities
  • A0023  Ability to design valid and reliable assessments.
  • A0030  Ability to collect, verify, and validate test data.
  • A0096  Ability to interpret and understand complex and rapidly evolving concepts.
  • A0112  Ability to monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.