Ten Lifestyle Group

Cloud Security Engineer – Compliance

Ten Lifestyle Group

full-time

Posted on:

Location Type: Hybrid

Location: Cape TownSouth Africa

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudDNSDockerFirewallsGoogle Cloud PlatformKubernetesPythonSDLCSplunkTCP/IPTerraform

About the role

  • Monitor and respond to threats: Continuously monitor cloud infrastructures for security alerts and vulnerabilities, conduct risk assessments on vulnerabilities, and ensure that all cloud security alerts are managed.
  • Vulnerability Management: Conduct vulnerability assessments, manage vulnerability scanning technologies, facilitate and / or conduct frequent penetration testing activities, ensure timely remediation of all vulnerabilities according to SLA, and ensure all impacted parties are kept current on remediation activities and timelines.
  • Security Controls & Tooling: Implement and maintain all cloud security tooling, including but not limited to IAM, network security controls, data encryption, secrets management, WAFs, FIM, cloud security posture management, SIEM, and IDS/IPS, ensuring that these security tools meet or exceed compliance and internal security control requirements at all times.
  • Automation & Monitoring: Develop security automation scripts using Infrastructure as Code (Terraform, CloudFormation), maintain inventories of assets and security protocols, and maintain real-time security monitoring and ensuring that alerting is in place and functioning for all cloud systems.
  • Security Architecture & Design: Collaborate with engineering and operations teams to build and maintain secure cloud architectures (AWS essential; Azure considered).
  • Incident Management: Coordinate and manage cloud security incidents, ensure incident playbooks are in place and maintained for cloud applications and infrastructure, coordinate forensic investigations, ensure cloud recovery objectives are in place and tested regularly, and facilitate cloud security incident response activities.
  • Security Testing & Simulations: Conduct frequent security incident response tests and social engineering simulations.
  • Security Compliance: Support and manage PCI DSS and SOC 2 Type 2 compliance initiatives; act as the primary liaison with auditors, assessors, and internal stakeholders for all cloud applications and infrastructure.
  • Security Governance: Develop, maintain, enforce and regularly test the effectiveness of security controls, update and align information security policies and procedures, ensuring alignment to PCI DSS, SOC 2, NIST, and ISO 27001 standards.
  • Risk Management: Conduct cloud risk assessments, maintain the cloud security risk register, drive mitigation strategies, reporting cloud risks to the appropriate risk bodies.
  • Secure Software Development: Participate in and ensure that the cloud Secure SDLC aligns to Ten Group’s compliance obligations, internal policies, and ensure SAST and DAST alerts are responded to as required, ensure staff are trained and knowledgeable on secure coding techniques (OWASP), ensure vulnerability assessment and penetration tests are performed as required, and ensure that applications are regularly tested for security flaws.
  • 3rd Party Risk Management: Oversee and perform security assessments on suppliers and ensure that cloud due diligence requests from external parties are responded to timeously.
  • Training and Awareness: Contribute to cloud security awareness training for technical teams.
  • Security Posture Reporting: Prepare security and compliance reports for auditors and senior management.
  • Access Reviews: Facilitate cloud firewall reviews and perform regular access reviews for users of all cloud infrastructure and applications.
  • Security Posture Monitoring: Ensure cloud infrastructure and applications maintain an acceptable security posture and always remain compliant with client security agreements and local and international laws and regulations.

Requirements

  • Bachelor's degree in computer science, Information Security, or equivalent experience.
  • 5+ years of experience in information security, including experience in cloud security engineering roles.
  • Proven experience supporting PCI DSS and/or SOC 2 audits.
  • Hands-on experience with AWS and proficient with cloud tools: AWS Security Hub, Azure Security Center, Rapid 7, Forcepoint.
  • Skilled in networking (TCP/IP, VPNs, firewalls, DNS, load balancing) and scripting (Python, PowerShell, Bash).
  • Experienced in Infrastructure as Code (Terraform, CloudFormation) and container security (Docker, Kubernetes).
  • Proficient in SIEM tools (Splunk, Elastic Stack, Azure Sentinel), log analysis, and cloud security assessments.
  • Deep understanding of cloud security principles, best practices, and architecture patterns.
  • Demonstrated success in developing and maintaining compliance programs.
  • Strong communicator with the ability to explain complex security issues to diverse audiences.
  • Self-motivated and effective in both independent and collaborative settings.
  • Certifications: AWS Security Specialty, Azure Security Engineer, or GCP Security Engineer. CISSP, CISM, and CEH
Benefits
  • A competitive salary depending on experience.
  • Hybrid working. You can combine working from home and working from the office.
  • Paid time away from work. Our employees enjoy a competitive paid time off package, including a paid day each year to volunteer time for a good cause that is important to them.
  • Paid Sabbaticals. One (1) month paid Sabbatical after every 5 years of Service, without tapping into annual leave.
  • Extra Rewards. Lucrative Ten Loyalty Rewards program which includes a bonus and gift to say thank you for being part of Ten.
  • Remote Working Holidays - possibilities to Travel and Work anywhere in the world!
  • Employee Discounts. Access to lots of great travel and entertainment discounts as our clients’ members would!
  • Be part of our global, dynamic, and inclusive Team, with diversity at its core.
  • Genuine career opportunities within a dynamic and international company.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cloud securityvulnerability managementpenetration testingsecurity automationInfrastructure as Codenetwork securitycloud security assessmentssecure software developmentrisk managementcompliance programs
Soft skills
strong communicatorself-motivatedcollaborativeindependent worktraining and awareness
Certifications
AWS Security SpecialtyAzure Security EngineerGCP Security EngineerCISSPCISMCEH