Head of CIB Security Engineering - DevSecOps

Bridge Park Bridgeway Century City, South Africa

Absa Group

Absa Group offers personal, business, and wealth banking services across Africa. Manage finances securely and achieve your goals with trusted solutions.


Empowering Africa’s tomorrow, together…one story at a time.

With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

Job Summary

To manage the Security Engineering capability within CIB, with the mission to monitor and manage the Cyber Risk profile across the business.
Develop tactical strategy and delivery plans, formulate the associated practice, and ensure operational implementation and adoption across a single practice in terms of risk methodology, governance and delivery objectives.
Technical expertise and engineering experience are essential.

Job Description

Skills and experience required:

  • Bachelor's Degree and Advanced Diploma: Business, Commerce, and Management Studies (Required)
  • Certifications: Relevant certifications such as Certified DevSecOps Engineer (DSOE), Certified Information Systems Security Professional (CISSP), or equivalent are a plus.
  • 8 - 10 years Technology Engineering experience
  • Proven experience as a DevSecOps Engineer or similar role with a focus on integrating security into the software development lifecycle.
  • AWS: Strong background in AWS services.
  • Technical Proficiency: Strong background in automation, scripting, and coding. Proficiency with DevOps tools such as Azure DevOps, GitLab CI, Docker, and Kubernetes. Familiarity with cloud platforms (e.g., AWS, Azure).
  • Security Knowledge: In-depth knowledge of security best practices, threat modelling, and vulnerability management. Experience with security tools such as SAST, DAST, and vulnerability scanners.
  • Communication Skills: Excellent communication and collaboration skills. Ability to work effectively with cross-functional teams and convey complex security concepts to non-technical stakeholders.

Key accountabilities:

  • Enablement of DevSecOps implementation: Assist teams with the introduction of required security testing into the development, build, and release processes.
  • AWS Account Management: Oversee AWS account migrations from the current landing zone to Control Tower, ensuring compliance with new permission models and managing the transition process.
  • Cloud Strategy and Architecture: Define and drive the cloud adoption strategy, considering AWS services, microservices architecture, and containerization. Architect scalable, reliable, and highly available solutions using AWS cloud services while ensuring cost-efficiency.
  • Manage the cyber risk profile across CIB: Implement best practices, bottom-up cyber processes, and controls.
  • Maintain and automate risk and other tools for CIB risk posture: Provide data and reporting views of the technical estate for tech and cyber risk management. Interrogate technical infrastructure to detect security misconfigurations, provide targeted notifications and remediation guidance to teams through the SDLC, and feed exceptions into risk reporting to drive remediation. Automate RCO tasks.
  • Assist with the adoption of Security tooling adapted for the CIB environment: Ongoing group-led cyber and tech risk step-down initiatives require engagement down to product engineering teams to land changes across the technical estate while limiting the introduction of operational risk in the process.
  • Provide security reference implementations for rollout across CIB at scale: There is a need for pre-approved and tested solutions to recurring security problems to mitigate identified risks with the adoption of appropriate security controls while allowing product engineering teams to focus more on developing customer value propositions.
  • Application Security Team Leadership: Lead the integration of security practices into the development and operations lifecycle, implementing security controls and tools across the entire software delivery process.
  • Tactical support for CIB tech teams implementing security: Provide assistance in implementing security controls where teams lack capacity or experience.
  • Secret Management: Implement secret management processes to ensure the DevOps environment is secure and data remains safe and protected. Manage Conjur followers on Kubernetes and oversee the onboarding of secrets.
  • Security Integration: Lead the integration of security practices into the software development lifecycle, including threat modelling, risk assessments, and compliance with regulatory requirements.
  • Incident Response: Develop and maintain incident response plans. Participate in and lead incident response activities, ensuring timely resolution of security incidents.


Responsibilities:

  • Tooling and Technology: Evaluate, select, and implement security tools and technologies to enhance our DevSecOps capabilities. Stay informed about the latest security trends and technologies.
  • Security Integration: Lead the integration of security practices into the development and operations lifecycle, implementing security controls and tools across the entire software delivery process.
  • Automation and Orchestration: Design, implement, and maintain automated processes for code integration, deployment, and security scanning. Utilize orchestration tools to streamline workflows and improve efficiency.
  • Continuous Monitoring: Implement and manage continuous security monitoring tools to detect and respond to security threats in real-time. Conduct regular security assessments and audits.
  • Collaboration: Work closely with development, operations, and security teams to foster a collaborative DevSecOps culture. Provide guidance on secure coding practices and perform security reviews.
  • Incident Response: Develop and maintain incident response plans. Participate in and lead incident response activities, ensuring timely resolution of security incidents.
  • Compliance: Ensure compliance with relevant regulatory requirements and industry standards. Participate in security assessments and audits.

    Education

    Bachelor's Degrees and Advanced Diplomas: Business, Commerce and Management Studies (Required)

    Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

    Absa Bank Limited reserves the right not to make an appointment to the post as advertised.


    Tags: Application security Audits Automation AWS Azure CISSP Cloud Compliance DAST DevOps DevSecOps Docker GitLab Governance Incident response Kubernetes Microservices Monitoring Risk assessment Risk management SAST Scripting SDLC Security assessment Strategy Vulnerability management

    Perks/benefits: Career development

    Region: Africa
    Country: South Africa
