Secops Engineer(Sp6)-It Chief Technology Office
Capricorn Group Limited - windhoek, namibia
2 months ago
SecOps Engineer(SP6)-IT Chief Technology Office
Listing reference: capgh_000207
Listing status: Online
Apply by: 22 October 2023
The SecOps Engineer's primary responsibility is to focus on the operational aspects of IT security, including providing security for networks and data centres, and assisting in managing and monitoring infrastructure for any potential threats, breaches, attacks or intrusions. This role performs the hands-on work to secure the IT environment and enforce IT security controls by closing off security vulnerabilities. The SecOps Engineer has to access vulnerabilities and risks in IT hardware and software. The SecOps Engineer should suggest security measures to enhance compliance and resilience. The IT SecOps Engineer will aid with monitoring of security systems for any unusual activities. The SecOps Engineer will examine and evaluate security strategies and defenses. It is the responsibility of the IT SecOps Engineer to create new defensive systems and protocols. The SecOps Engineer will develop new layers of protection and update security systems.
- The SecOps Engineer will require an understanding of the functions of the IT Service Delivery, database engineers, server/system engineers and networking engineers and technical platforms used with in the Capricorn Group. In this regard, the position must be knowledgeable and have experience in all these job functions.
- The SecOps Engineer will support the broader group entities in ensuring that group entity platforms are aligned with security standards.
- This role needs to work closely with the database, server and desktop engineers as well as service desk agents to provide technical support on the various security equipment and platforms.
- The SecOps Engineer must ensure that all security devices and applications operate to agreed security levels. This includes proactive monitoring, testing, documenting, analyses and maintenance of the IT infrastructure.
- This position involves understanding and taking steps to mitigate the risks associated with collecting, storing, and transmitting data in a business setting. You will be expected to set up security measures that help prevent security breaches, as well as analyse any breaches that do occur.
- This role needs to engage with the various staffing levels across database, network and server systems to ensure configuration standards are updated with the latest security best practices
- The SecOps Engineer has to assist the Network, System, and Database engineers and validate that all systems and infrastructure operate to agreed security standards. This includes proactive monitoring, analysis, and maintenance of systems and network infrastructure.
- Plan and implement designs for the network security infrastructure.
- Monitor the IT infrastructure for any security-related events by analyzing systems logs by correlating logs and events for proactive analysis of the groups security posture.
- The SecOps Engineer is responsible for ensuring all systems are connected and reporting to the group's SIEM solution
- Proposing and design security-related dashboards
- Understand and focus on the security governance, guidelines and adherence to PCI-DSS standards, processes and procedures.
- Assisting in designing and validating the groups cloud security architecture.
- Research, participate, and investigate new technologies and trends to ensure that the Capricorn Group infrastructure is in line with the latest approved standards and industry best practices.
- Disaster Recovery: validate that in the event of a DR, the affected area in the group can be recovered and the integrity of the group is not compromised.
Key Roles & Responsibilities
- Analyze IT specifications to assess security risks
- Install, configure, and upgrade security software
- Proactively monitor network activity to identify issues and/or anomalies and communicate them to IT teams
- Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information
- Identify and propose system security requirements
- Design computer security architecture
- Configure and troubleshoot security infrastructure devices
- Propose technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Analyze existing security systems and make recommendations for changes or improvements
- Coordinate and drive system upgrades regularly to remain competitive in the field of security
- Communicate the system status and keep users informed of downtime or changes to the system
- Implement and monitor security measures for the protection of computer systems, networks, and information
- Establish, administer, monitor, and maintain a secure network and system environment.
- Identify possible network and software vulnerabilities and configuration issues.
- Proactively automate and monitor the patching and remediation of vulnerabilities
- Configure and troubleshoot security infrastructure devices
- Assist in continuously improving and enhancing existing IT Infrastructure elements, processes, and procedures with a focus on improving the security
- To ensure any IT security risks that are raised by internal or external audits are mitigated and resolved on time and reported.
- Configure and support security tools such as firewalls, anti-virus software, patch management systems, etc
- Enforcing policies and applications that deter threats (malware, viruses, spyware, and zero-day threats)
- Respond immediately to security incidents and provide post-incident analysis
- Research and recommend security upgrades
- Identify organizational security gaps in the protection of sensitive information through comprehensive auditing capabilities
- Technical excellence
- Strong collaborator
- Learning spirit
- Strong interpersonal skills
- Highly Committed
- Energetic and willing
- Time management
- Good communicator - verbal, written, and oral communication skills
Experience/Knowledge & Skills
- At least 5 years experience within IT of which 3 should be focused on IT security
- Hands-on ability to aid in incident and problem resolution
- Understanding, and or exposure to financial institutions various business processes and procedures
- Knowledge of computer networks, including security functions and design, network and software protocols
- Ability to recognize, focus and prioritise critical issues in a high-pressure environment.
- Experience with support and troubleshooting of complex networks and systems
- Project management
- Quality management
- Capability and Availability Management
- Degree in Information Technology
- Relevant Security Certification
- Experience with other virtualization technologies
- ITIL foundation certification an advantage