Security Engineer Data Security

Company Description

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

Job Description

Data Loss Prevention (DLP)

• Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams
• Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.
• Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS).
• Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office 365)

• Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies.
• Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.
• Configure Safe Links, Safe Attachments, and ATP policies.
• Support investigations of email-based threats and data leakage attempts.

Web Security (Forcepoint and DMARC)

• Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.
• Investigate web-based threat alerts and policy violations.
• Assist in integration of web security controls with broader DLP and SIEM tools.
• Provide guidance for policy tuning and user experience improvements.
• Manage, Maintain and Support DMARC to ensure Email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks)

• Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control.
• Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.
• Review access logs, user behaviour, and cloud application usage for anomalies.
• Coordinate with network and identity teams to streamline SSE enforcement.

Monitoring, Reporting & Incident Response

• Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed.
• Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.
• Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.
• Maintain documentation and support audit readiness.

Qualifications

Technical Skills

• Strong hands-on experience with Microsoft Purview DLP (E5).
• Proficient in Microsoft Defender for Office 365 (email hygiene, ATP, threat management).
• Experience with Forcepoint Web Security policy design, deployment, and management.
• Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred.
• Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and PowerShell scripting.

Experience

• 5+ years in IT Security roles, with at least 2–3 focused on data security.
• Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools.
• Exposure to regulated environments with compliance reporting (e.g., financial services)
• Soft Skills
• Detail-driven with strong analytical skills.
• Clear communicator, especially when engaging end-users on policy violations or tuning.
• Able to balance risk mitigation with operational practicality.
• Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications

• Bachelors Degree in Computer Science (advantageous)
• Microsoft Certified: Information Protection Administrator Associate (SC-400)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Forcepoint Certified Professional (or relevant product training)
• General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus

Additional Information

Behavioural Competencies:

• Articulating Information
• Challenging Ideas
• Developing Expertise
• Developing Strategies
• Embracing Change
• Empowering Individuals
• Examining Information
• Exploring Possibilities
• Interacting with People
• Making Decisions
• Showing Composure
• Team Working

Technical Competencies:

• Incident and Problem Management
• Information Security Management
• IT Design Driven Development
• IT Knowledge
• Service Management Processes
• Technical Analysis
• Trouble Shooting
• Use of Build and Test Automation