Senior Cyber Security Specialist (AWS)

Johannesburg, South Africa

Old Mutual Limited

Old Mutual Limited (OML) is a premium African financial services group that offers a broad spectrum of financial solutions to retail and corporate customers.


Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

Job Description

Key Responsibilities:

1. Threat Monitoring & Mitigation

  • Continuously monitor the organization’s IT ecosystem for vulnerabilities, threats, and attacks using advanced security tools and methodologies.

  • Respond to security incidents, including identifying, tracing, and neutralizing cyberattacks in real time.

  • Conduct post-incident analyses to strengthen future defenses.

2. Security Patching & Updates

  • Ensure all systems, applications, and services are up to date with the latest security patches and upgrades.

  • Work closely with IT operations to maintain a streamlined patch management process.

3. Secure Software Development

  • Champion secure coding practices across development teams.

  • Conduct regular code reviews and penetration testing of in-house applications to identify vulnerabilities.

  • Implement and maintain automated tools for vulnerability scanning during the CI/CD process.

4. API Security

  • Develop and enforce security standards for API development and consumption.

  • Monitor API endpoints for potential threats, such as unauthorized access or data exfiltration.

  • Implement best practices such as rate limiting, OAuth 2.0, and robust authentication mechanisms for APIs.

5. AWS Cloud Security

  • Design, implement, and manage robust security controls for AWS-hosted systems, ensuring adherence to the principle of least privilege.

  • Continuously assess AWS services and configurations for vulnerabilities and compliance with best practices.

  • Oversee the use of AWS-native security tools like AWS GuardDuty, Inspector, Security Hub, and CloudTrail.

6. Risk Management & Compliance

  • Conduct regular risk assessments and audits to ensure compliance with security policies, standards, and regulatory requirements.

  • Provide technical leadership in developing and updating the organization’s cybersecurity policies and procedures.

7. Team Collaboration & Training

  • Collaborate with cross-functional teams to integrate security into every phase of the system development lifecycle.

  • Provide training and awareness programs for staff to cultivate a strong security culture.

Required Qualifications:

  • Education:

    • Bachelor’s degree in Computer Science, Information Technology, or a related field.

  • Certifications (at least 2 of the following):

    • Certified Information Systems Security Professional (CISSP).

    • AWS Certified Security – Specialty.

    • Certified Ethical Hacker (CEH).

    • Offensive Security Certified Professional (OSCP).

    • GIAC Security Essentials Certification (GSEC).

    • GIAC Cloud Security Automation (GCSA).

Drives and implements the organisational information security strategy.

Responsibilities

Leadership and Direction

Communicate the actions needed to implement the function's strategy and business plan within the team; explain the relationship to the broader organization's mission, vision, and values; motivate people to commit to these and to do extraordinary things to achieve local business goals.

Business Requirements Identification

Elicit complex business requirements using a variety of methods, such as interviews, document analysis, workshops, and workflow analysis, to express the requirements in terms of target user roles and goals.

Data Management

Manage key aspects of the data management system. This includes being responsible for developing or operating key elements of the system.

Database Specifications

Approve database specifications, ensuring all agreed standards and protocols are followed and data integrity is preserved.

Analysis of "As Is" and "To Be"

Document complex "as is" and "to be" processes and describe the changes required to migrate to the "to be" capability to record accurately the change required.

Information Security

Lead in detecting and analyzing security incidents, including attacks, breaches, and identified vulnerabilities, and remediate any security gaps in line with the security incident management procedure.

Data Architecture

Implement all aspects of data architecture, turning event analytics, raw application data, and business systems into key business insights.

Budgeting

Develop and/or deliver budget plans with guidance from senior colleagues.

Operational Compliance

Monitor and review performance and behaviors within area of responsibility to identify and resolve noncompliance with the organization's policies and relevant regulatory codes and codes of conduct.

Organizational Capability Building

Use the organization's formal development framework to identify the team's individual development needs. Plan and implement actions, including continuing professional development specified by professional or regulatory institutions, to build their professional capabilities. Provide informal training or coaching to others throughout the organization in own area of expertise to enable others to improve performance and fulfill personal potential.

Performance Management

Manage and report on the performance of a substantial, diverse team; set appropriate performance objectives for direct reports or project/account team members and hold individuals accountable for achieving them; take appropriate corrective action where necessary to ensure the achievement of team/personal objectives.

Skills

Business Requirements Analysis, Confidentiality, Current State Assessment, Database Administration, Database Queries, Database Reporting, Data Classification, Data Compilation, Data Compression, Data Controls, Data Encoding, Data Modeling, Executing Plans, Gateway Servers, IT Architecture

Competencies

Action Oriented

Builds Effective Teams

Communicates Effectively

Cultivates Innovation

Ensures Accountability

Manages Complexity

Optimizes Work Processes

Persuades

Education

NQF Level 9 – Masters

Closing Date

05 March 2025, 23:59

The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question.

Old Mutual Limited is pro-vaccination and encourages its workforce to be fully vaccinated against Covid-19.

All prospective employees are required to disclose their vaccination status as part of the recruitment process.

Please refer to Old Mutual’s Covid-19 vaccination policy for further detail. Kindly note that Old Mutual reserves the right to reinstate the requirement to vaccinate at any point if it is of the view that it is imperative to do so.

Category: CloudSec Jobs

Tags: Analytics APIs Audits Automation AWS CEH CI/CD CISSP Cloud Compliance Computer Science GIAC GSEC Monitoring Offensive security OSCP Pentesting Risk assessment Risk management Security strategy Strategy Vulnerabilities

Perks/benefits: Career development

Region: Africa
Country: South Africa
