Cyber Security Specialist: Engineering It Cyber Security Architecture & Engineering

Main PurposeAt Woolies we are on a mission to maintain and develop a high-performing cybersecurity function in support of a complex business undergoing digital transformation. We are looking for a senior architecture and engineering member of the cybersecurity team. This role supports the manager as part of a small technical team that designs, maintains and enhances the security technology stack with a zero-trust philosophy, supporting the key principles of ‘security by design and default’, and leverages modern technology and AI capabilities. This function enables security and technology teams through both change, operations and engineering.This is a highly technical role that requires demonstrable experience in security architecture, security tool management, SecOps optimization, and engineering to ensure we get value out of all the technology tools.IF YOU JOIN US, YOU’LL DO A LOT OF / Key ResponsibilitiesTake responsibility for the cybersecurity technology landscape across Woolworths.Knowledge and technical ability to utilize and optimize security tools.Enhance technology solutions to automate and streamline operations.Take responsibility for the infrastructure of identified cybersecurity tools – maintain, enhance, secure and upgrade where relevant.Work with the SOC to configure (including coding and scripting) SOC tools and alerts.Enabling mature active defence processes through continual validation and verification of infrastructure, platform, applications, and data asset controls.Enhancing defence continuously – work with the SecOps team to update defence capabilities in line with threats, vulnerabilities and exploits identified during threat hunting. Automating and re-engineering for optimization.Integrate security practices into the SDLC and DevSecOps under the guiding principles of' 'Security by Design’.Support the team in conducting Security Architecture reviews for Projects or Business Enablement.Establish relationships with key stakeholders for effective cross-team collaboration and implementation of security operations and engineering processes.Supporting the broader Cyber Security Team – collaboration to drive and support various operational and strategic initiatives.Help define and set security operations standards.Provide context and guidance to implement security improvements in both security architecture and SecOps engineering.Contribute to Business Case formulation with the relevant security input – advisory, standards and security patterns.YOU’LL BE DOING SOME OF THIS / Additional ResponsibilitiesPlan and prioritize projects and workload to deliver to the roadmap.Provide updates, context and feedback to relevant stakeholders.Support proactive threat modelling with other cyber and technology stakeholders. Remain aware of global security industry trends and translate these into meaningful contributions to the cybersecurity strategy, principles and ways of working.Understand Cyber, IT and Business strategies and contribute to the creation and delivery of the annual cybersecurity roadmap and execution with a specific focus on security architecture and engineering disciplines. Job Requirements / WE’RE LOOKING FOR SOMEONE WHO HAS MandatoryGrade 12 and relevant degree/diploma/certifications3+ years relevant experience in cyber security, up to 10 years in IT Hands on practical experience in SOC tools i.e. SIEM, XDR, EDR, SOAR, CASB, CSPM.Experience in optimizing security operations tools engineering them for efficiencyKnowledge of security architecture and threat modelling. Knowledge of cloud security architecture and technologiesExperience in optimizing security operations tools engineering them for efficiencyMay be required to assist outside of working hours / be on standby.AdvantageousRelevant qualifications and certifications such CEH, CISSP, CISM, CCSP, TOGAF and/or SABSAAdditional CriteriaExperience in programming and scripting is highly advantageous.Industry certifications (e.g. CEH, AWS and/or AZURE certifications) are beneficial.Experience in building and maturing SOC capabilities is advantageous.Experience with automation and ML/AI capabilities.Practical experience with adversarial frameworks such as MITRE ATT&CK.Working knowledge of PCI-DSS.Hands on experience with cloud computing.If you are interested in the above position please send your CV to RecruitmentITS@Woolworths.co.za, clearly stating the job you are applying for as well as the reference number of the job