Sanlam Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. We operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Sanlam.
What will you do?
The role is operational in nature and focus on processing and responding to alerts generated by the Cloud Security, SaaS Security, and DevSecOps Tooling. The incumbent will work closely with the Blue Team to ensure that alerts and incidents are correctly handled.
What will make you successful in this role?
- Maintain a working knowledge of the current cloud security environment and industry trends to identify security control issues or areas of improvement and communicate this information to management.
- Work with technical teams to ensure that security configuration of SaaS solutions like O365 are implemented correctly according to established baselines.
- Handling of alerts/incidents identified by the SaaS Security Tooling in close collaboration with the CSIRT/Blue Team, Business Information Security Officers (BISOs), and End-user Computing (EUC) team.
- Handling of alerts/incidents identified by Cloud Security Tooling in close collaboration with the CSIRT/Blue Team.
- Onboarding, development, and monitoring of DevSecOps controls within the application development environments of SGT client businesses (through BISOs and application development teams).
- Provide regular feedback and reporting on alerts/incidents identified by Cloud Security, SaaS Security, and DevSecOps Tooling.
- Identify and implement areas of improvement and automation possibilities for Cloud Security, SaaS Security, and DevSecOps Tooling.
Qualifications and Experience
- Matric
- Bachelors degree in computer science, informatics, or engineering.
- AWS and Azure certifications recommended; specifically in the security competency
- 2 to 3 years of experience in an information security operation role (Blue team or SecOps team).
- A minimum of 1 year of experience and exposure to the public cloud (AWS/Azure) and a demonstrated ability to learn new technology including associated security risks and controls.
- Exposure to application security concepts and software development experience will be advantageous.
Security Auditing
Risk management
Incident Investigation
Reporting and Administration
Security tools monitoring
Personal Attributes
Interpersonal savvy - Contributing independently
Decision quality - Contributing independently
Plans and aligns - Contributing independently
Optimises work processes - Contributing independently
Build a successful career with us
Were all about building strong, lasting relationships with our employees. We know that you have hopes for your future your career, your personal development and of achieving great things. We pride ourselves in helping our employees to realise their worth. Through its four business clusters Sanlam Life and Savings, Sanlam Investment Group, Sanlam Emerging Markets, Santam, as well as MiWay and the Group Office the group provides many opportunities for growth and development.
Core Competencies
Cultivates innovation - Contributing independently
Customer focus - Contributing independently
Drives results - Contributing independently
Collaborates - Contributing independently
Being resilient - Contributing independently
Turnaround time
The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers.
Our commitment to transformation
The Sanlam Group is committed to achieving transformation and embraces diversity. This commitment is what drives us to achieve a diverse, inclusive and equitable workplace as we believe that these are key components to ensuring a thriving and sustainable business in South Africa. The Group's Employment Equity plan and targets will be considered as part of the selection process.
