Job Description

at DigiCert
Cape Town

ABOUT DIGICERT Wexe2x80x99re a leading, global security authority thatxe2x80x99s disrupting our own category. Our encryption is trusted by the major ecommerce brands, the worldxe2x80x99s largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to little things like surgically embedded pacemakers. We help companies put trustxe2x80x94an abstract ideaxe2x80x94to work. Thatxe2x80x99s digital trust for the real world. Position: Principal Security and IR Architect to be based in Cape Town. The Principal Security Specialist will join DigiCertxe2x80x99s crusade in delivering world-class Cyber Trust capabilities, continuously advancing global security operations by building programs to further strengthen DigiCertxe2x80x99s Security hygiene posture as well as activities to continuously evolve crisis response functions.
This exciting opportunity empowers strategic collaboration, joining forces across multiple business areas, and architecting scalable systems to achieve DigiCertxe2x80x99s common vision. PRIMARY RESPONSIBILITIES AND COMPETENCIES

• Develop technical integrations between security and operational technologies.
• Partner with business units to provide centralized, platform-driven technical solutions for Vulnerability, risk and incident management.
• Join forces with Product and Engineering to promote embedded security solutions, driving speed and agility of delivery.
• Assess anomaly detections and investigate security events, promoting a continuous improvement feedback loop for posture strengthening.
• Partner with developers to design SDLC-integrated security solutions, promoting continuous deployment, driving speed and agility.
• Perform threat modeling exercises.
• Review disparate business processes to develop integrated and efficient solutions.
• Drive security-partnered programs, with operational stability, continuously maturing DigiCertxe2x80x99s security posture, utilizing the CMMI model.
• Join forces on providing system security, promoting node rotations and exception management.
• Drive security risk and assessment systems, driving vulnerability management based on business risk and appetite thresholds.
• Partner on third-party risk management lifecycle activities.
• Develop program documentation to promote operational stability and scalability.
• Support Leadership in strategic planning.
• Develop security policies and standards, as needed.
• Drive and support security identified remediation efforts.
• Foster and promote a security-forward culture.
• Mentor junior team members.
• Other duties and responsibilities, as assigned.

REQUIRED QUALIFICATIONS (EDUCATION, EXPERIENCE, &/OR CERTIFICATION)

• Programming: Python, Bash, PowerShell, JavaScript
• OS: Windows, Linux
• Network Protocols: TCP/UDP/SSL/TLS
• Tools: Splunk, Tanium, Kibana, Tenable, Atlassian, Crowdstrike, Burp, Metasploit, snort, Suricata
• Must have experience working in Threat Detection and Incident Response
• 8+ years of experience in Information Security
• Advanced level of knowledge of Information Security design concepts and principles
• Experience with cloud-based identity providers, SSO, SAML, etc
• Experience with cloud-based DDoS/WAF providers (preferably Imperva)
• Experience with vulnerability management technologies
• Experience with threat hunting and malware identification, analysis, and removal
• CISSP required

PREFERRED QUALIFCATIONS & EXPERIENCE

• Bachelorxe2x80x99s degree in network security or computer science
• Master's degree in a technical discipline
• Experience working in highly regulated environments.
• 3-5 years of experience with SIEM technologies (preferably Splunk)
• Advanced level of knowledge of IT frameworks and standards (NIST, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust)
• Advanced level of experience with Incident Response.
• Certified Information Systems Auditor (CISA)

#LI-LV1