ALL STAFF APPOINTMENTS WILL BE MADE WITH DUE CONSIDERATION OF THE COMPANY'S EE TARGETSWHAT WE DOLula is an innovative and human-focused FinTech company on a mission to help small businesses optimise their cash flow. Our purpose is to help SMEs manage their businesses better, faster, and more simply, so they can spend more time doing what they love.If you're looking for a new place to call 'home' that believes in the potential of the broader SME landscape in South Africa and a place where you'll work with awesome people - then Lula's the place for you!OUR VALUESCollaborative - we're a clan and work together as a team, always towards a common goalCommitted - we're accountable and follow through no matter the challengeCurious - we look for better ways to do things and make a positive differenceConnected - we stay close to, learn from and look to understand each other and our customersCompassionate - we go out of our way to care about our colleagues, our customers and our communityOVERALL PURPOSEWe are looking for a Senior Security Operations Engineer to join our team. The successful candidate will be responsible for securing, monitoring, and maintaining the overall security posture of our Azure platform and infrastructure, as well as our on-site networks and systems. You will work closely with all departments and teams to implement and provide guidance on security best practices and regulatory compliance. As a Senior Security Operations Engineer, you will also be responsible for identifying and responding to security incidents and conducting security assessments, audits and simulations.Responsibilities will include:Infrastructure Security:Partner with our Infrastructure team to design, implement and manage security controls and policies for our Microsoft Azure InfrastructurePartner with our Engineering teams to ensure that code deployed on Lula's infrastructure is done securelyConduct regular security assessments and audits of Azure and internal infrastructure and platforms, including vulnerability scanning and penetration testingIdentity Security:Manage and regularly audit our privileged accounts to ensure access remains relevant and requiredDesign, implement and manage policies and controls to secure Lula's accounts and access to our resources using Microsoft Entra ID toolsetsProvide security awareness training to the business to improve our security posturePerform security incident/phishing simulations to ensure our processes and training are robust and effectiveMonitor and manage Lula's access control and camera systemsProvide guidance and support to internal departments on handling of confidential informationPartner with our Technical Support team to ensure Lula's network and endpoints are configured securely and monitored for threatsRegulatory Compliance and Governance:Be a critical part of Lula's PCI DSS annual re-certification processDevelop and maintain security documentation including policies, procedures and technical standards that adhere to compliance requirementsCollaborate with external auditors and partners to ensure compliance with various regulatory requirements and industry standardsSecurity Incident Management:Be the key point of contact for security incident and alert investigationsDevelop remediation plans, conduct Root Cause Analysis' and provide corrective and preventative measures during Post Incident ReviewsParticipate in on-call rotation to provide 24/7 support for Security IncidentsTHE COMPETENCIES WE'RE AFTERHigh attention to detailAbility to work collaborativelySelf-motivatedHighly credible and trustworthyOpen and honestQuick learnerStrong planning skills and ability to prioritiseStrong leadership skills including mentoring and coachingAdaptable and flexible and resilient to change and ambiguityArticulate and approachableProcess drivenTHE SKILLS AND EXPERIENCE WE'RE LOOKING FORTertiary qualification in Computer Science, Information Security, or equivalent experience5+ years of experience in a SecOps field using Microsoft technologiesExpert knowledge of Microsoft security features, including Azure Defender for Cloud, Azure Sentinel, Entra ID, Privileged Identity Management, Intune and Defender for EndpointExperience with security assessments and audits, including vulnerability scanning, penetration testing and incident simulationsFamiliarity with industry standards and regulatory requirements, such as POPIA, PCI DSS and ISO 27001Familiarity with security related network technologies such as firewalls & VPNsAzure or Cyber Security certifications, such as Azure Security Engineer Associate, Azure Solutions Architect Expert or CISSP are a plusPlease note that all appointments are subject to our background checking process, which may include Credit, Criminal and any other job inherent checks.
#J-18808-Ljbffr