Sanlam Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. We operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Sanlam.
Minimum RequirementsMinimum 7 years of experience in IT security, with at least 5 years focused on Active DirectoryProven experience in managing and securing multi-domain AD environmentsExperience with AD integration in hybrid cloud environmentsExperience in the technologies involved in networking, firewalls, Windows and Unix/Linux Operating Systems and internet protocolsExperience with security tools such as Microsoft Entra ID Protection, Checkpoint or FortiGate firewalls and SIEM toolsExperience with AD migrations, mergers, or restructuringExperience with logging systems and log analysisWhat will you do?The Senior Infrastructure Security Engineer will serve as a technical leader and guide as needed on technical efforts initiated by the Cybersecurity, Infrastructure, and Operations teams and projects outside of Security. This role will focus on Infrastructure Security, Identity and Access Management, Cloud Security, and Network Security. The position requires a deep understanding of AD security, firewall management, network security, and operating system security, as well as threat detection, response, and mitigation. Additionally, experience with associated technologies such as Group Policy, DNS, certificate services, InTune, LAPS, VPN, and SIEM is essential.
What will make you successful in this role?Active Directory Security ManagementDesign and manage security configurations for AD environments, including multi-domain forestsPerform regular security assessments and audits of AD infrastructureDevelop and enforce security policies related to AD, including password policies, account lockout policies, and privileged access managementIdentity and Access Management (IAM)Manage the lifecycle of AD accounts, groups, and organisational units (OUs)Implement and manage Role-Based Access Control (RBAC) and least privilege access modelsIncident Response and Threat MitigationCoordinate technical response during investigations into infrastructure security-related incidents, including unauthorised access, privilege escalation, and breaches (primary point of contact for the CSIRT)Develop and maintain incident response playbooks related to AD, firewalls, and VPNCollaborate with the Security Operations Center (SOC) to detect and respond to AD and other infrastructure threats.Implement measures to protect AD against common threats like Pass-the-Hash, Golden Ticket attacks, and KerberoastingInfrastructure ManagementImplement disaster recovery solutions for AD, including backup and restore processesPlan and coordinate lifecycle and capacity management of the SIEM service (software version upgrades, hardware upgrades and migrations, deployment of new infrastructure)Ensuring compliance with regulatory standards, industry best practices, and company policies and standardsCollaboration and CommunicationWork closely with cybersecurity, compliance, architecture, and infrastructure & operations teams to align infrastructure security with overall organisational goalsProvide technical leadership and mentoring to junior engineers and other IT staff.Prepare and present reports on AD security posture to senior management and stakeholdersTimely and accurate communication of project status reports, risks and issues to key stakeholdersRepresent team as senior technical subject matter expert and key decision maker in project meetings and activities; function as a member of the extended central Cyber Security team during weekly progress meetings, ISO Forums; and participate in the annual strategic planning of the central Cyber Security TeamContribute to both Cybersecurity and Infrastructure & Operations roadmaps and overviews to key stakeholders and internal customersManagement and oversight of 3rd party consultants assigned to specific projectsManage SIEM service providerCoordinate technical efforts in support of new initiatives to improve Cyber resilience in the groupQualifications and CertificationMatricBachelor's degree in Computer Science, Information Technology, or a related field. Equivalent experience may be consideredCertifications such as CISSP, CISM, Microsoft Certified: Identity and Access Administrator Associate, or similarKnowledge and SkillsCyber Security AdministrationCyber Security AuditsCyber Security ComplianceAssessing security risksAssessment risk mitigation for the organisationPersonal AttributesPlans and aligns - Contributing through othersDecision quality - Contributing through othersOptimises work processes - Contributing through othersInterpersonal savvy - Contributing through othersCore CompetenciesBeing resilient - Contributing through othersCollaborates - Contributing through othersCultivates innovation - Contributing through othersCustomer focus - Contributing through othersDrives results - Contributing through othersOur commitment to transformationThe Sanlam Group is committed to achieving transformation and embraces diversity. This commitment is what drives us to achieve a diverse, inclusive and equitable workplace as we believe that these are key components to ensuring a thriving and sustainable business in South Africa. The Group's Employment Equity plan and targets will be considered as part of the selection process.
#J-18808-Ljbffr