Information Security Engineer

CrossBoundary Group

Johannesburg, Gauteng
Permanent
Full-time

15 days ago
Apply easily

CrossBoundary Group
Information Security EngineerAbout the FirmCrossBoundary Group is a mission-driven investment and advisory firm that unlocks the power of capital for sustainable growth and strong returns in underserved markets. CrossBoundary Advisory provides transaction and investment advisory services, having developed specialized expertise in unleashing investment across all sectors in these markets. CrossBoundary Advisory has advised on over US$8bn worth of transactions across 75 countries globally, serving our clients from 20 offices spread across Africa, Asia, Europe, and the Americas. Our advisory clients include governments, development finance institutions, private equity firms, Fortune 100 companies, and research institutions.Our investment platforms, CrossBoundary Energy, CrossBoundary Energy Access, and CrossBoundary Educational Infrastructure, directly finance projects to bring cheaper, cleaner, and more reliable electricity, as well as education infrastructure, to developing countries. Anchoring the Group’s work in the renewable energy sector, CrossBoundary Energy is currently active in more than 10 African countries and has a portfolio of over US$100 million of renewable energy projects for commercial and industrial clients across the continent. CrossBoundary Energy Access uses blended finance and an innovative project financing structure to unlock capital for mini grids with a mission to bring electricity for the first time to more than 170,000 people.Learn more at www.crossboundary.com.Job DescriptionCrossBoundary team is recruiting a full-time Information Security Engineer to join our Group IT team. We are seeking a resourceful, innovative, and creative problem-solver to implement solutions in response to the firm’s growing technology needs. The Information Security Engineer will lead information security initiatives and ensure the overall security of the information systems and the overall network. This role requires a comprehensive understanding of information security and a commitment to maintaining system security.The Information Security Engineer will join the Global IT team and report to the IT Manager to implement the firm’s security objectives.Who We AreThe CrossBoundary team is a unique group of people who are genuinely excited by the opportunity to make a difference in some of the world's most challenging and exciting renewable energy markets. The chosen candidate will play an important role in a unique team with the opportunity to make a large impact. Team members come from diverse backgrounds but share several qualities: curiosity, humility, integrity, a drive for excellence, and a bias for action.Who You Are

Excellence: You demonstrate and maintain the highest personal standards, continually pursuing opportunities for improvement. You are not afraid to get your hands dirty to untangle a complex issue
Curiosity: Exceptional attention to detail with excellent investigative skills to uncover trends and relationships. Enthusiastic about staying current with security threats and solutions.
Bias to Action: You don’t wait to be asked to add value. You are comfortable with ambiguity, accountable for your decisions, and can operate without direction in a fast-moving environment.
Integrity: You set your standards above the minimum required for compliance where necessary to deliver an excellent project. Creative, upholds ethical standards and values.
Collaborative: You are eager and willing to work with other colleagues and external parties to consistently deliver excellent work.
Deliberate: You are straightforward and known for choosing the simple, robust solution where more complicated approaches would deliver the same results. Your colleagues praise you for translating complex inputs into a plan of action.

Primary Responsibilities

Threat Management: Oversee threat management, handle vulnerabilities, manage patches, enforce CrossBoundary’s Cyber Security Policies, and assist in the development of Security Plans and Policies.
Strategic Guidance: Provide guidance on information security for large, complex, and strategically important initiatives such as DevOps, IaaS/PaaS, Cloud, and CI/CD.
Network Security Management: Manage the security of applications and the overall network. Utilize expertise in Microsoft Defender, Cisco Umbrella, Qualys, and Web Access Firewalls to fine-tune detection mechanisms and optimize security configurations
Advanced Detection: Develop, configure, and optimize advanced detection rules and analytics in Microsoft Sentinel to identify and respond to security threats effectively.
Security Monitoring and Incident Response: Perform regular scans of systems and networks, maintain continuous monitoring to detect potential security breaches or intrusions, coordinate incident response activities when security events occur, and keep incident response playbooks and procedures up-to-date.
IT Investigations and Risk Assessments: Carry out computer forensic analysis, data recovery, eDiscovery, and other IT investigative work. Conduct blue/red teaming exercises, security assessments, and risk assessments.
Security Education and Collaboration: Establish security standards and best practices, educate the workforce on information security, and work with cross-functional teams to integrate security best practices into our IT systems and processes.
Container and Endpoint Security Management: Oversee container security, patch management, GPO, and the Endpoint Protection Suite.
Staying up to date with the latest cybersecurity trends, threat intelligence, and emerging attack techniques to proactively enhance detection capabilities.

Required QualificationsThe ideal candidate will have the following skills and qualifications:

Bachelor’s degree in computer science, information technology, electrical engineering, or related discipline is required.
At least one professional certification in information/cloud security such as CEH, CISSP, or CISM is required.
At least 3 years of technical progressive experience in InfoSec
In-depth experience in Microsoft 365 (Exchange, Exchange Online, Azure, Defender, Teams, SharePoint, etc.), Conditional Access, and Entra ID
Practical experience with system security vulnerabilities, remediation techniques, penetration testing, intrusion detection and prevention, attack vectors, and hacker culture
Good understanding of web application technologies, protocols, and security, coupled with knowledge of scripting languages and automation experience.
Expertise in network security, including VPN, Firewall, URL filtering, network monitoring, Cloud, intrusion detection, application security, and wireless security
A strong grasp of endpoint security solutions, including File Integrity Monitoring and Data Loss Prevention
Familiarity with Security Information and Event Management (SIEM) such as Microsoft Sentinel

Think you have what it takes but are not sure you check every box? Research shows that while men apply to roles when they meet an average of 60% of the criteria, women often only apply when they meet every requirement. If you are passionate about what we are building, we want to hear from you!LocationCandidates may join our team in Johannesburg, South Africa; Lagos, Nigeria; Nairobi, Kenya; or Dubai, UAE.Equal Opportunity EmployerCrossBoundary is an equal-opportunity employer. If you need assistance and/or reasonable accommodation due to a disability during the application or the recruiting process, please send a request to human.resources@crossboundary.comPowered by JazzHR

CrossBoundary Group