119 Cissp jobs in Johannesburg

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, 30 Baker Street

• Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams
• Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.
• Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS).
• Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office 365)

• Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies.
• Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.
• Configure Safe Links, Safe Attachments, and ATP policies.
• Support investigations of email-based threats and data leakage attempts.

Web Security (Forcepoint and DMARC)

• Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.
• Investigate web-based threat alerts and policy violations.
• Assist in integration of web security controls with broader DLP and SIEM tools.
• Provide guidance for policy tuning and user experience improvements.
• Manage, Maintain and Support DMARC to ensure Email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks)

• Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control.
• Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.
• Review access logs, user behaviour, and cloud application usage for anomalies.
• Coordinate with network and identity teams to streamline SSE enforcement.
• Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed.
• Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.
• Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.
• Maintain documentation and support audit readiness.

Technical Skills

• Strong hands-on experience with Microsoft Purview DLP (E5).
• Proficient in Microsoft Defender for Office 365 (email hygiene, ATP, threat management).
• Experience with Forcepoint Web Security policy design, deployment, and management.
• Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred.
• Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and PowerShell scripting.

Experience

• 5+ years in IT Security roles, with at least 2–3 focused on data security.
• Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools.
• Exposure to regulated environments with compliance reporting (e.g., financial services)
• Soft Skills
• Detail-driven with strong analytical skills.
• Clear communicator, especially when engaging end-users on policy violations or tuning.
• Able to balance risk mitigation with operational practicality.
• Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications

• Bachelors Degree in Computer Science (advantageous)
• Microsoft Certified: Information Protection Administrator Associate (SC-400)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus

SUMMARY : POSITION INFO :

Key Experience :

• At least 4-7 years of Cloud Experience (AWS, Azure, or GCP)
• Securing cloud environments and protecting data
• Implementing security measures, monitoring cloud infrastructure for threats, and responding to security incidents
• Experience with security tools such as firewalls, intrusion detection systems, and identity and access management solutions
• Architecting Microsoft Azure Solutions Certification
• Configuring and maintaining MS Azure PaaS, IaaS, & SaaS offerings
• Developing Microsoft Azure Solutions Certification
• Exposure to Active Directory, Hyper-V (administration & configuration), IIS Administration, OS internal concepts, and security
• Implementing Microsoft Azure Infrastructure Solutions Certifications
• Experience with Microsoft Management tools (SCOM, SCCM, SCSM, MS Orchestrator (Opalis))
• MS SQL Server performance tuning
• Server clustering experience
• Understanding security and segregation of duty requirements for enterprise systems
• Working knowledge of networking concepts including VIPs, NAT, DNS, networking tools (ping, tracert, tracemon, NetMon, Wireshark), and scripting tools (PowerShell & XML)

Qualifications :

• Senior Certificate or NQF 4 equivalent
• Bachelor’s Degree in Computer Science or equivalent (advantageous)
• Relevant Cloud Security Certifications

Soft Skills :

• Collaborative personality with excellent communication and presentation skills, able to interact effectively at all organizational levels
• Excellent analytical, organizational, problem-solving, and time management skills
• Strong training and writing skills in English
• Motivated with a strong work ethic

Scope of Work :

• Participate in Continuous Improvement initiatives
• Design and architecture of Cloud Infrastructure
• Maintenance of Customer Cloud Infrastructure
• Deployment of Customer Environments
• Support for Customer Environments
• Compliance with Cyber Security Regulations
• System hardware and software installation, configuration, operation, and maintenance
• Engage with users and analysts to provide solutions following the Application Lifecycle Management (ALM) process
• Estimate architecture costs
• Performance monitoring, proactive management, and reporting
• Server administration

We are seeking a skilled and detail-oriented Security Engineer with expertise in Microsoft technologies to join our security engineering and architecture team that provides security services to protect our business. This role will report into our Security Architect and Engineering Manager and will work closely across all IT Teams and business units.

In this role, you will be responsible for implementing, managing, and optimizing security solutions to protect our IT infrastructure, cloud environments, and applications. The ideal candidate will have hands-on experience with Microsoft security tools and technologies, such as Azure, Microsoft 365, Microsoft Purview and Microsoft Defender, and will play a critical role in safeguarding our digital assets.

Security Solution Implementation

• Implement, configure, and manage security solutions in Microsoft environments, including Azure, Microsoft 365, Microsoft Defender, Microsoft Purview and other Microsoft security tools.
• Ensure the secure deployment and configuration of Microsoft cloud resources, applications, and services, adhering to security best practices and company policies.
• Set up and maintain security controls such as firewalls including WAFs, VPNs, and endpoint protection across all environments.

Threat Detection and Incident Response

• Monitoring Network security portals and information feeds, responding to security events and escalating incidents where required;
• Investigate and respond to security incidents, performing root cause analysis and ensuring timely mitigation of risks and vulnerabilities.
• Collaborate with the Security Operations team to ensure effective detection and response to threats targeting the firms environments.

Identity and Access Management (IAM)

• Implement and manage identity and access controls in Azure Active Directory (AAD), including multi-factor authentication (MFA), conditional access policies, and role-based access control (RBAC).
• Assist in the deployment of identity governance solutions to secure user access across Microsoft 365 and Azure environments.
• Support the organisation’s adoption of Zero Trust principles within the Microsoft ecosystem.

Vulnerability Management and Risk Assessment

• Regularly assess and monitor Microsoft systems and services for vulnerabilities and security gaps, using tools like Microsoft Defender for Endpoint and Azure Security Centre.
• Collaborate with other teams to ensure timely patching and remediation of vulnerabilities within the environment.
• Perform security assessments and risk analysis for new Microsoft technologies, AI and cloud services.

Security Automation and Optimisation

• Automate security processes and tasks using PowerShell, Azure CLI, and other tools to improve efficiency and response times.
• Optimise security configurations across Microsoft environments to ensure best practices and consistent application of security controls.
• Continuously review and improve existing security processes, tools, and policies.

Compliance and Reporting

• Ensure Microsoft-based systems meet regulatory requirements (e.g., GDPR), internal security standards (ISO, SOC) and policies.
• Assist in security audits and assessments, providing the necessary documentation and evidence to support compliance initiatives.
• Generate regular security reports, dashboards, and metrics using Microsoft security tools to provide visibility into the health and security of Microsoft environments.

Collaboration and Effective Communication

• Work closely with IT, system administrators, and other security teams to coordinate incident response efforts, identify vulnerabilities, and implement mitigation strategies across the Microsoft technology stack.
• Communicate regularly with the Service Delivery managers and Service Delivery team members.
• Ensure that the IT Security documentation is maintained and updated regularly as required.
• Provide guidance and support to internal teams regarding Microsoft security best practices, threat mitigation, and incident response.
• Participate in security projects, including cloud migration efforts, that involve Microsoft technologies, ensuring security is a top priority.
• Provide input to the monthly IT Security report

• 4+ years of experience in security engineering, with a strong focus on Microsoft environments such as Microsoft 365, Azure, Microsoft Purview, and related Microsoft security products.
• Experience of working in a diverse Global Company;
• Experience in Data Loss Prevention (DLP) and Information Classification tools, Microsoft Purview and Azure Information Protection preferred.
• Understanding of key network and infrastructure security solutions such as firewalls, SD-WAN, WAF, DDoS protection IPS, Web Proxy, etc.
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, SIEM (Sentinel);
• Understanding of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall)
• Knowledge of Intrusion detection/prevention systems (IDS/IPS/WAF) and vulnerability assessment tools (Nessus/Tenable.io/Qualys);
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills;
• Excellent knowledge of different threat scenarios, incident response and remediation techniques;
• Hands on experience of applying security to Windows server, SQL Server and endpoints;
• Knowledge of security technologies (encryption, data protection, permissions, privilege access etc.);
• Knowledge of applying CIS benchmark policies in Azure & O365;
• Experience with Security frameworks, ISO 27001, Cyber Essentials, NIST, PCI;
• Good working knowledge of Active Directory services, including reporting and auditing of Active Directory objects;
• Experience of investigating security issues/incidents;
• Skilled in using scripting tools (PowerShell, MS CLI & VBS).
• Understand Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors
• Experience of dealing with third party security managed service providers;
• Desirable qualifications, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Cloud Security Professional (CCSP) or other similar security certifications or demonstratable experience.
• Good communication (English Writing, Reading and Speaking) skills and ability to articulate subjects clearly.
• Proven analytical and problem-solving skills;
• Strong documentation skills;
• Organised, methodical and self-motivated;
• Keeping abreast of industry trends and security technologies.
• Takes the initiative to proactively resolve issues within own remit and recognises when escalation is required;
• Uses own knowledge and experience to make sounds judgements or assist others with sound judgements;
• Considers the regional and global implications of what we do in our own areas of responsibility;
• Identifies and builds relationships across team and region;
• Understands need to work within project scope, including price;
• Shows understanding of others in order to influence as appropriate.

Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity, and our diverse talent reflects this commitment.

Job Description

• Matric
• Degree or diploma in IT or related field
• 3-4 years of relevant experience
• 2+ years of experience as a Cloud Security Engineer and in cloud compliance
• Certifications: CompTIA Security+, AWS Cloud Practitioner, AWS Security Specialty, Certified Cloud Security Professional (CCSP), GIAC Cloud Security Automation (GCSA)

Preferred Additional Qualifications / Experience (Not Mandatory)

• CASP+ - CompTIA Advanced Security Practitioner
• CCNP Cloud - Cisco Certified Network Professional Cloud

The role involves designing and building the organization's cybersecurity systems and infrastructure, providing specialist knowledge on maintaining a secure cyber security framework, analyzing and monitoring cybersecurity measures, and responding to penetration attempts by malicious hackers.

Responsibilities include:

• Leading detection and analysis of security incidents, including attacks, breaches, and vulnerabilities, and remediating security gaps
• Designing and implementing disaster recovery and contingency plans to protect company data
• Exploring external developments or emerging issues and evaluating their potential impact
• Conducting research and analyzing data to identify key themes and trends
• Drafting policies, procedures, and guidelines to ensure compliance
• Collecting and analyzing business requirements to meet organizational goals
• Providing fault diagnosis and resolution for complex challenges
• Recommending technical developments to improve software and infrastructure
• Ensuring operational compliance with policies, procedures, and regulatory codes
• Contributing to database specifications and standards
• Developing personal capabilities through ongoing education and training

Skills required: Adaptive Thinking, Application Development, Computer Literacy, Confidentiality, Data Management, Data Privacy, Data Recovery, Digital Literacy, IT Network Security, Testing, and more.

Core Competencies: Action Oriented, Effective Communication, Innovation, Accountability, Managing Complexity, Learning Agility, Process Optimization, Persuasion.

Educational Qualification: NQF Level 7 - Degree, Advanced Diploma, or Postgraduate Certificate or equivalent.

Closing Date: 04 September 2025, 23:59

The appointment will be made in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit.

The Old Mutual Story!

Join to apply for the Senior Security Engineer role at Blue Pearl .

Senior Security Engineer to provide provisional (consultation basis) support for Tier 3 security solutions, focusing on escalation calls. These include Checkpoint, Firepower, ASA, F5, and Cisco ISE. The role involves participating in projects, designing, deploying, configuring, and troubleshooting security solutions.

• One (1) Senior Cisco Security Engineer - Certified CCIE (Security), with at least 5 years’ experience.
• Senior Security Engineer - F5 BIG-IP Certified Technical Specialist (LTM & ASM) with CSE as an advantage, with at least 5 years’ experience.
• Senior Security Engineer - Certified Checkpoint CCSA and CCSE, with at least 5 years’ experience (CCSM as an advantage).

• Seniority level: Not Applicable
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services and IT Consulting

Referrals can double your chances of interview at Blue Pearl.

This job posting is active. No indication of expiration is present.

This range is provided by Control Risks. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

ZAR560,000.00/yr - ZAR600,000.00/yr

We are seeking a skilled and detail-oriented Security Engineer with expertise in Microsoft technologies to join our security engineering and architecture team that provides security services to protect our business. This role will report into our Security Architect and Engineering Manager and will work closely across all IT Teams and business units.

In this role, you will be responsible for implementing, managing, and optimizing security solutions to protect our IT infrastructure, cloud environments, and applications. The ideal candidate will have hands-on experience with Microsoft security tools and technologies, such as Azure, Microsoft 365, Microsoft Purview and Microsoft Defender, and will play a critical role in safeguarding our digital assets.

Requirements

What You'll Do:

Security Solution Implementation

• Implement, configure, and manage security solutions in Microsoft environments, including Azure, Microsoft 365, Microsoft Defender, Microsoft Purview and other Microsoft security tools.
• Ensure the secure deployment and configuration of Microsoft cloud resources, applications, and services, adhering to security best practices and company policies.
• Set up and maintain security controls such as firewalls including WAFs, VPNs, and endpoint protection across all environments.
  
  
  

• Monitoring Network security portals and information feeds, responding to security events and escalating incidents where required;
• Investigate and respond to security incidents, performing root cause analysis and ensuring timely mitigation of risks and vulnerabilities.
• Collaborate with the Security Operations team to ensure effective detection and response to threats targeting the firms environments.
  
  
  

• Implement and manage identity and access controls in Azure Active Directory (AAD), including multi-factor authentication (MFA), conditional access policies, and role-based access control (RBAC).
• Assist in the deployment of identity governance solutions to secure user access across Microsoft 365 and Azure environments.
• Support the organisation's adoption of Zero Trust principles within the Microsoft ecosystem.
  
  
  

• Regularly assess and monitor Microsoft systems and services for vulnerabilities and security gaps, using tools like Microsoft Defender for Endpoint and Azure Security Centre.
• Collaborate with other teams to ensure timely patching and remediation of vulnerabilities within the environment.
• Perform security assessments and risk analysis for new Microsoft technologies, AI and cloud services.
  
  
  

• Automate security processes and tasks using PowerShell, Azure CLI, and other tools to improve efficiency and response times.
• Optimise security configurations across Microsoft environments to ensure best practices and consistent application of security controls.
• Continuously review and improve existing security processes, tools, and policies.
  
  
  

• Ensure Microsoft-based systems meet regulatory requirements (e.g., GDPR), internal security standards (ISO, SOC) and policies.
• Assist in security audits and assessments, providing the necessary documentation and evidence to support compliance initiatives.
• Generate regular security reports, dashboards, and metrics using Microsoft security tools to provide visibility into the health and security of Microsoft environments.
  
  
  

• Work closely with IT, system administrators, and other security teams to coordinate incident response efforts, identify vulnerabilities, and implement mitigation strategies across the Microsoft technology stack.
• Communicate regularly with the Service Delivery managers and Service Delivery team members.
• Ensure that the IT Security documentation is maintained and updated regularly as required.
• Provide guidance and support to internal teams regarding Microsoft security best practices, threat mitigation, and incident response.
• Participate in security projects, including cloud migration efforts, that involve Microsoft technologies, ensuring security is a top priority.
• Provide input to the monthly IT Security report
  
  
  

• 4+ years of experience in security engineering, with a strong focus on Microsoft environments such as Microsoft 365, Azure, Microsoft Purview, and related Microsoft security products.
• Experience of working in a diverse Global Company;
• Experience in Data Loss Prevention (DLP) and Information Classification tools, Microsoft Purview and Azure Information Protection preferred.
• Understanding of key network and infrastructure security solutions such as firewalls, SD-WAN, WAF, DDoS protection IPS, Web Proxy, etc.
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, SIEM (Sentinel);
• Understanding of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall)
• Knowledge of Intrusion detection/prevention systems (IDS/IPS/WAF) and vulnerability assessment tools (Nessus/Tenable.io/Qualys);
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills;
• Excellent knowledge of different threat scenarios, incident response and remediation techniques;
• Hands on experience of applying security to Windows server, SQL Server and endpoints;
• Knowledge of security technologies (encryption, data protection, permissions, privilege access etc.);
• Knowledge of applying CIS benchmark policies in Azure & O365;
• Experience with Security frameworks, ISO 27001, Cyber Essentials, NIST, PCI;
• Good working knowledge of Active Directory services, including reporting and auditing of Active Directory objects;
• Experience of investigating security issues/incidents;
• Skilled in using scripting tools (PowerShell, MS CLI & VBS).
• Understand Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors
• Experience of dealing with third party security managed service providers;
• Desirable qualifications, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Cloud Security Professional (CCSP) or other similar security certifications or demonstratable experience.
• Good communication (English Writing, Reading and Speaking) skills and ability to articulate subjects clearly.
• Proven analytical and problem-solving skills;
• Strong documentation skills;
• Organised, methodical and self-motivated;
• Keeping abreast of industry trends and security technologies.
• Takes the initiative to proactively resolve issues within own remit and recognises when escalation is required;
• Uses own knowledge and experience to make sounds judgements or assist others with sound judgements;
• Considers the regional and global implications of what we do in our own areas of responsibility;
• Identifies and builds relationships across team and region;
• Understands need to work within project scope, including price;
• Shows understanding of others in order to influence as appropriate.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Control Risks by 2x

Johannesburg Metropolitan Area 2 hours ago

Johannesburg, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 2 days ago

Johannesburg Metropolitan Area 4 days ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg Metropolitan Area 1 week ago

Johannesburg, Gauteng, South Africa 8 months ago

Johannesburg Metropolitan Area 3 hours ago

Johannesburg, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 1 week ago

Randburg, Gauteng, South Africa 4 days ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg Metropolitan Area 5 hours ago

Midrand, Gauteng, South Africa 2 weeks ago

Midrand, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 3 days ago

City of Johannesburg, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 1 week ago

Sandton, Gauteng, South Africa 6 days ago

Johannesburg, Gauteng, South Africa ZAR660,000.00-ZAR960,000.00 4 months ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 3 days ago

Johannesburg, Gauteng, South Africa 5 days ago

Johannesburg, Gauteng, South Africa 4 months ago

Johannesburg Metropolitan Area 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Business Segment: Personal & Private Banking

Security Engineering is seeking an experienced Security Engineer who has specialised in Oauth2 and OpenID Connect to join our team. In this role, you will be responsible for designing, developing, and implementing secure identity solutions that meet the needs of our clients. You will work closely with cross-functional teams to ensure the integration of identity services into our software applications, as well as contribute to the overall security strategy of the organisation.

If you are a self-motivated individual who is passionate about designing and implementing secure identity solutions, we encourage you to apply for this position. You will have the opportunity to work with a talented team of professionals and contribute to the success of our organization.

Minimum Qualifications
Type of Qualification: First Degree
Field of Study: Information Technology

• Bachelor's degree in Computer Science, Information Technology, or related field.
• Relevant industry certifications such as CISSP, CISM, or CCSP.
• Familiarity with DevOps practices and tools such as Docker and OpenShift.
• Relevant AWS/Azure Cloud Certifications.

Experience Required
Software Engineering

• Minimum of 5 years of experience in developing and implementing identity solutions using Oauth2 and OpenID Connect.
• Strong understanding of identity and access management principles and best practices.
• Experience with authentication and authorization protocols such as SAML, LDAP, and Kerberos.
• Familiarity with identity and access management tools such as PingFederate, Okta, or ForgeRock.
• Knowledge of cloud security and integration with cloud providers such as AWS, Azure, or Google Cloud Platform.
• Excellent problem-solving skills and ability to troubleshoot technical issues.
• Strong communication skills and ability to collaborate with cross-functional teams.

Please note: All our recruitment processes comply with the applicable local laws and regulations. We will never ask for money or any form of payment as part of our recruitment process. If you experience this, please contact our Fraud line on or

• Monitoring system performance and ensuring all technical infrastructure is running smoothly.
• Supervising technical staff and overseeing projects to ensure they are progressing as planned.
• Monitoring the security alerts and ensuring the timely resolution of vulnerabilities and incidents.
• Ensuring daily backups and necessary data recovery processes are operational.
• Aligning technology strategy with business objectives and ad hoc requirements.
• Responding to urgent technical crises and ensuring resolution.
• Providing status reports on the IT landscape, including updates on ongoing projects, security posture, and system performance.
• Holding team meetings to foster collaboration, address concerns, and facilitate knowledge sharing.
• Reviewing and prioritizing project requests from different departments.
• Coordinating with vendors and partners for service improvements, negotiations, and addressing any issues.
• Reviewing the progress of strategic IT initiatives and ensuring they align with the organizational goals.
• Reviewing compliance reports and working towards resolving identified issues.
• Overseeing GRC initiatives and ensuring adherence to the necessary frameworks and regulations.
• Facilitating training and development sessions for the team to keep them updated with the latest trends and best practices.
• Developing and assisting with the annual budget for the technology departments.
• Conducting a comprehensive review of the year’s performance.
• Ensuring the IT strategy aligns with the organization's long-term strategic goals and regulatory requirements.
• Conducting risk assessments and developing risk management strategies to mitigate identified risks.
• Reviewing and updating organizational IT policies to ensure they remain relevant and compliant with the regulatory requirements.

• Keeping abreast of the latest developments in privacy regulations and industry best practices.
• Responding to any data breaches or privacy incidents, coordinating with different teams to manage the situation effectively.
• Advising various departments on privacy matters, answering queries, and providing guidance.
• Offering training and awareness programs to employees and other stakeholders.
• Ensuring that all privacy-related documents are up-to-date and readily accessible.
• Regularly reviewing the organization's privacy policies and procedures to ensure their effectiveness.
• Reporting on the status of privacy compliance within the organization.
• Engaging with different stakeholders, including employees and vendors, to discuss privacy concerns and updates.
• Performing privacy risk assessments and working on mitigating identified risks.
• Conducting privacy impact assessments when the need arises.
• Updating privacy policies based on the assessment of recent privacy incidents and regulatory developments.
• Reviewing the privacy practices of third-party vendors and partners to ensure compliance.
• Developing and updating the strategic privacy plan, setting goals for the upcoming year.
• Conducting a comprehensive privacy compliance audit to identify gaps and areas for improvement.

Qualifications/Requirements

• Bachelor's Degree in Computer Science or related field AND 5+ years of experience in software development lifecycle, large-scale computing, modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), and operations incident response.
• 10+ years work experience in same or similar role.
• Experience in Audits (ISO, SOC, etc.) and remediation follow up.
• Certifications like Certified Information Privacy Manager (CIPM) and/or Certified Information Privacy Technologist (CIPT) is a plus.
• Experience in conducting privacy reviews and participating in on-call rotations.
• In-depth knowledge of the Microsoft Privacy Standard.
• In-depth knowledge of Microsoft Data Handling Standards.
• Experience in translating Privacy Policies and Standards into effective controls.
• The ability to collaborate across teams and partner well with people with diverse professional backgrounds.
• The flexibility to manage and balance workloads that may vary and be unpredictable and processes that may be repetitious.