Job Type: Full Time
Experience: Not specified 
Location: Guateng

Company: Old Mutual

Job Description

Key Responsibilities:

Threat Monitoring & Mitigation

• Continuously monitor the organization’s IT ecosystem for vulnerabilities, threats, and attacks using advanced security tools and methodologies.
• Respond to security incidents, including identifying, tracing, and neutralizing cyberattacks in real-time.
• Conduct post-incident analyses to strengthen future defenses.

Security Patching & Updates

• Ensure all systems, applications, and services are up to date with the latest security patches and upgrades.
• Work closely with IT operations to maintain a streamlined patch management process.

Secure Software Development

• Champion secure coding practices across development teams.
• Conduct regular code reviews and penetration testing of in-house applications to identify vulnerabilities.
• Implement and maintain automated tools for vulnerability scanning during the CI/CD process.

API Security

• Develop and enforce security standards for API development and consumption.
• Monitor API endpoints for potential threats, such as unauthorized access or data exfiltration.
• Implement best practices such as rate limiting, OAuth 2.0, and robust authentication mechanisms for APIs.

AWS Cloud Security

• Design, implement, and manage robust security controls for AWS-hosted systems, ensuring adherence to the principle of least privilege.
• Continuously assess AWS services and configurations for vulnerabilities and compliance with best practices.
• Oversee the use of AWS-native security tools like AWS GuardDuty, Inspector, Security Hub, and CloudTrail.

Risk Management & Compliance

• Conduct regular risk assessments and audits to ensure compliance with security policies, standards, and regulatory requirements.
• Provide technical leadership in developing and updating the organization’s cybersecurity policies and procedures.

Team Collaboration & Training

• Collaborate with cross-functional teams to integrate security into every phase of the system development lifecycle.
• Provide training and awareness programs for staff to cultivate a strong security culture

Required Qualifications:

Education:

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Certifications (at least 2 of the following):
• Certified Information Systems Security Professional (CISSP).
• AWS Certified Security – Specialty.
• Certified Ethical Hacker (CEH).
• Offensive Security Certified Professional (OSCP).
• GIAC Security Essentials Certification (GSEC).
• GIAC Cloud Security Automation (GCSA).
• Drives and implement the organisational information security strategy.

Responsibilities
Leadership and Direction

• Communicate the actions needed to implement the function’s strategy and business plan within the team; explain the relationship to the broader organization’s mission, vision, and values; motivate people to commit to these and to do extraordinary things to achieve local business goals.

Business Requirements Identification

• Elicit complex business requirements using a variety of methods, such as interviews, document analysis, workshops, and workflow analysis, to express the requirements in terms of target user roles and goals. 

Data Management

• Manage key aspects of the data management system. This includes being responsible for developing or operating key elements of the system.

Database Specifications

• Approve database specifications, ensuring all agreed standards and protocols are followed and data integrity is preserved.

Analysis of “As Is” and “To Be”

• Document complex “as is” and “to be” processes and describe the changes required to migrate to the “to be” capability to record accurately the change required.

Information Security

• Lead in detecting and analyzing security incidents, including attacks, breaches, and identified vulnerabilities, and remediate any security gaps in line with the security incident management procedure.

Data Architecture

• Implement all aspects of data architecture, turning event analytics, raw application data, and business systems into key business insights.

Budgeting

• Develop and/or deliver budget plans with guidance from senior colleagues.

Operational Compliance

• Monitor and review performance and behaviors within area of responsibility to identify and resolve noncompliance with the organization’s policies and relevant regulatory codes and codes of conduct.

Organizational Capability Building

• Use the organization’s formal development framework to identify the team’s individual development needs. Plan and implement actions, including continuing professional development specified by professional or regulatory institutions, to build their professional capabilities. Provide informal training or coaching to others throughout the organization in own area of expertise to enable others to improve performance and fulfill personal potential.

Performance Management

• Manage and report on the performance of a substantial, diverse team; set appropriate performance objectives for direct reports or project/account team members and hold individuals accountable for achieving them; take appropriate corrective action where necessary to ensure the achievement of team/personal objectives.

Skills

• Business Requirements Analysis, Confidentiality, Current State Assessment, Database Administration, Database Queries, Database Reporting, Data Classification, Data Compilation, Data Compression, Data Controls, Data Encoding, Data Modeling, Executing Plans, Gateway Servers, IT Architecture

Competencies

• Action Oriented
• Builds Effective Teams
• Communicates Effectively
• Cultivates Innovation
• Ensures Accountability
• Manages Complexity
• Optimizes Work Processes
• Persuades

Education

• NQF Level 9 – Masters

Closing Date

• 05 March 2025 , 23:59

Method of Application

Interested and qualified? Go to Old Mutual on oldmutual.wd3.myworkdayjobs.com to apply