O

OM Bank - Cloud Security Engineer at Old Mutual

Old Mutual
Full-time
On-site
KEY RESULT AREAS


Cloud Security Implementation: Deploy, configure, and optimize AWS security services (GuardDuty, Security Config, KMS, IAM, VPC, Route 53, and EKS security features).
Infrastructure as Code (IaC) Hardening:
Embed security best practices in Terraform and CloudFormation; integrate scanning and security checks in CI/CD pipelines using GitHub Actions and ArgoCD.
Identity and Access Management:
Support Azure AD / Entra ID governance, conditional access, RBAC, and access package reviews to maintain least-privilege principles by utilizing terraform.
Incident Response Collaboration:
Assist in cyber incident investigations, performing forensic data collection, root-cause analysis, and containment support.
Threat Detection & Automation:
Assist in improving Sentinel detections, enrich GuardDuty alerts, and build automated playbooks for response and remediation.
Risk Remediation Execution:
Translate cyber risk findings from analysts into actionable engineering tasks and verify implemented mitigations.
Security Tooling Integration:
Assist in Integrating cloud, endpoint, and DNS inspection tools with SIEM and SOAR platforms to strengthen detection and response capabilities.
Compliance & Audit Support:
Provide evidence and configuration documentation to support internal audit, regulatory, and external assurance activities.
Continuous Improvement:
Enhance automation, logging, and compliance posture through "Security as Code" principles and self-service operational tooling.


ROLE REQUIRMENTS


Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.


Certifications (Preferred):


AWS Certified Security - Specialty
AWS Certified Solutions Architect (Associate or Professional)
Microsoft Certified: Security Operations Analyst Associate
Terraform Associate (HashiCorp Certified)
CompTIA Security+ or CySA+


Experience:


3 - 5 years' experience in cloud or cyber security engineering, with strong AWS exposure.
Demonstrated experience in Terraform, CloudFormation, CI/CD pipeline security, and configuration compliance.
Familiarity with SIEM/SOAR operations (Microsoft Sentinel preferred).
Exposure to incident response, forensics, and vulnerability management.
Working knowledge of security frameworks: NIST CSF, CIS Controls, ISO 27001