245 Senior Security Specialists jobs in Johannesburg

Overview

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level - thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS
• Evaluates and selects security technologies, tools, and frameworks to support the organization's security
• Define portfolio vision and reusable security patterns aligned with the EA strategy
• Lead architecture reviews for high-risk projects, driving recommendations to resolution
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS
• Manage security architects and mentor engineers, developers, and vendors

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture
• Teamwork and Energy - work across different functional and business teams with effective collaboration
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF)

Requirements

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business
• Good experience in security architecture design in Cloud and on-prem
• Design and implementation of IOT, endpoint protection, and secure IAM
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling

Seniority level

• Mid-Senior level

Employment type

• Contract

Job function

• Information Technology

Industries

• IT Services and IT Consulting

#J-18808-Ljbffr

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.

#J-18808-Ljbffr

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
As a Security Technical Architect at NTT DATA, you'll design robust security architectures that safeguard our systems, applications, and infrastructure. Working closely with cross-functional teams, you'll integrate security requirements throughout the system design and development lifecycle, ensuring our technology solutions are secure, compliant, and industry-leading.
On a day-to-day basis, you'll be viewed as a trusted technical advisor, collaborating with developers, engineers, and project managers to embed security into every project. Your expertise in secure coding practices, network security, identity and access management, DATA protection, and other security domains will be instrumental.
You'll play a pivotal role in evaluating and selecting security technologies, creating and enforcing security policies, and leading incident response activities. By setting technical standards and providing pre-sales technical support, you'll help define how our solutions meet client objectives and regulatory requirements.
Your role extends to managing client proof-of-concept initiatives and ensuring a smooth transition from proposed solutions to delivery. You'll document executive summaries, statements of work, and network diagrams, oversee pricing formats, and validate proposals, making you a key player in bringing security-focused projects to life.
**To thrive in this role, you need to have:**
+ Deep knowledge of security domains: network security, application security, cloud security, DATA protection, identity and access management, cryptography, and secure coding.
+ Proficiency in enterprise architecture principles and frameworks (e.g., TOGAF).
+ Understanding of security regulations, standards, and frameworks (e.g., ISO 27001, NIST, PCI dSS).
+ Hands-on experience with security technologies and tools (e.g., firewalls, intrusion detection/prevention systems, SIEM, vulnerability scanners, secure coding analysis tools).
+ Experience in a large-scale, multinational technology services environment.
+ Excellent analytical and problem-solving abilities for assessing risks and analysing security issues.
+ Strong client engagement skills and technical consulting aptitude.
+ Ability to collaborate and communicate effectively with team members.
+ Bachelor's degree in IT, computer science, or a related field.
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, 30 Baker Street

• Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams
• Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.
• Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS).
• Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office 365)

• Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies.
• Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.
• Configure Safe Links, Safe Attachments, and ATP policies.
• Support investigations of email-based threats and data leakage attempts.

Web Security (Forcepoint and DMARC)

• Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.
• Investigate web-based threat alerts and policy violations.
• Assist in integration of web security controls with broader DLP and SIEM tools.
• Provide guidance for policy tuning and user experience improvements.
• Manage, Maintain and Support DMARC to ensure Email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks)

• Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control.
• Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.
• Review access logs, user behaviour, and cloud application usage for anomalies.
• Coordinate with network and identity teams to streamline SSE enforcement.
• Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed.
• Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.
• Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.
• Maintain documentation and support audit readiness.

Qualifications

Technical Skills

• Strong hands-on experience with Microsoft Purview DLP (E5).
• Proficient in Microsoft Defender for Office 365 (email hygiene, ATP, threat management).
• Experience with Forcepoint Web Security policy design, deployment, and management.
• Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred.
• Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and PowerShell scripting.

Experience

• 5+ years in IT Security roles, with at least 2–3 focused on data security.
• Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools.
• Exposure to regulated environments with compliance reporting (e.g., financial services)
• Soft Skills
• Detail-driven with strong analytical skills.
• Clear communicator, especially when engaging end-users on policy violations or tuning.
• Able to balance risk mitigation with operational practicality.
• Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications

• Bachelors Degree in Computer Science (advantageous)
• Microsoft Certified: Information Protection Administrator Associate (SC-400)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus

#J-18808-Ljbffr

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, 30 Baker Street

• Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams
• Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.
• Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS).
• Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office 365)

• Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies.
• Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.
• Configure Safe Links, Safe Attachments, and ATP policies.
• Support investigations of email-based threats and data leakage attempts.

Web Security (Forcepoint and DMARC)

• Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.
• Investigate web-based threat alerts and policy violations.
• Assist in integration of web security controls with broader DLP and SIEM tools.
• Provide guidance for policy tuning and user experience improvements.
• Manage, Maintain and Support DMARC to ensure Email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks)

• Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control.
• Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.
• Review access logs, user behaviour, and cloud application usage for anomalies.
• Coordinate with network and identity teams to streamline SSE enforcement.
• Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed.
• Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.
• Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.
• Maintain documentation and support audit readiness.

Qualifications

Technical Skills

• Strong hands-on experience with Microsoft Purview DLP (E5).
• Proficient in Microsoft Defender for Office 365 (email hygiene, ATP, threat management).
• Experience with Forcepoint Web Security policy design, deployment, and management.
• Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred.
• Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and PowerShell scripting.

Experience

• 5+ years in IT Security roles, with at least 2–3 focused on data security.
• Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools.
• Exposure to regulated environments with compliance reporting (e.g., financial services)
• Soft Skills
• Detail-driven with strong analytical skills.
• Clear communicator, especially when engaging end-users on policy violations or tuning.
• Able to balance risk mitigation with operational practicality.
• Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications

• Bachelors Degree in Computer Science (advantageous)
• Microsoft Certified: Information Protection Administrator Associate (SC-400)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus

#J-18808-Ljbffr

Business Segment: Personal & Private Banking Location: ZA, GP, Johannesburg, 30 Baker Street Manage and fine-tune Microsoft Purview DLP policies for endpoints, Share Point, One Drive & Teams Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes. Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS). Tune policy exceptions and reduce false positives without compromising security. Email Security (Microsoft Defender for Office 365) Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies. Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection. Configure Safe Links, Safe Attachments, and ATP policies. Support investigations of email-based threats and data leakage attempts. Web Security (Forcepoint and DMARC) Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies. Investigate web-based threat alerts and policy violations. Assist in integration of web security controls with broader DLP and SIEM tools. Provide guidance for policy tuning and user experience improvements. Manage, Maintain and Support DMARC to ensure Email is protected against spoofing. SSE / Cloud Access Controls (Cato Networks) Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control. Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources. Review access logs, user behaviour, and cloud application usage for anomalies. Coordinate with network and identity teams to streamline SSE enforcement. Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed. Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness. Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments. Maintain documentation and support audit readiness. QualificationsTechnical Skills Strong hands-on experience with Microsoft Purview DLP (E5). Proficient in Microsoft Defender for Office 365 (email hygiene, ATP, threat management). Experience with Forcepoint Web Security policy design, deployment, and management. Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred. Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and Power Shell scripting. Experience 5+ years in IT Security roles, with at least 2–3 focused on data security. Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools. Exposure to regulated environments with compliance reporting (e.g., financial services) Soft Skills Detail-driven with strong analytical skills. Clear communicator, especially when engaging end-users on policy violations or tuning. Able to balance risk mitigation with operational practicality. Comfortable working across Info Sec, Infrastructure, Legal, and Business teams. Preferred Certifications Bachelors Degree in Computer Science (advantageous) Microsoft Certified: Information Protection Administrator Associate (SC-400) Microsoft Certified: Security Operations Analyst Associate (SC-200) General security certifications (e.g., Comp TIA Security+, CISM, CISSP) are a plus #J-18808-Ljbffr

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Senior Security Technical Architect is an advanced subject matter expert, responsible for designing robust security architectures for our systems, applications, and infrastructure. collaborate with cross-functional teams to ensure that technology solutions are secure, compliant, and aligned with industry best practices.
Expertise will be crucial in protecting sensitive data, mitigating risks, and maintaining the confidentiality, integrity, and availability of organization systems is crucial for this role.
**What you'll be doing**
**Key Responsibilities:**
+ Designs and develops complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
+ Viewed as a trusted technical advisor to the client.
+ Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
+ Provide pre-sales technical support and expertise in analyzing client requirements, in conjunction with the client's current security capabilities.
+ Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
+ Evaluates and selects security technologies, tools, and frameworks to support our security architecture
+ Ensures technical solutions will accomplish the client's objectives
+ Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
+ Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
+ Develops or produces the technical design document to match the solution design specifications.
+ Working with the relevant internal stakeholders, participate or lead in scope of work determination, product pricing and RFP/RFI responses.
+ Assists with the determination of outsourcing, product pricing and collaborates with others to develop an implementation solution.
+ Responsible for influencing and guiding members of the Sales team and to ensure that they are equipped to close deals and maintain visibility of forecasting and sales pipeline in order to influence potential deals.
+ Manages client proof of concept (POC) initiatives, which will require the involvement of the appropriate resources, and setup and delivery of the POC.
+ On all assigned engagements, owns the proposed solution and transitions the build / implementation to the delivery team.
+ Specifically relating to opportunity pursuit this role will evaluate each opportunity for alignment with organizational capabilities and business policy, prepare the executive summary that outlines all of the information gathered from the client in regard to their needs, as understood, document the proposed technology solution, document the statement of work along with all labor requirements, work with the relevant internal stakeholders to prepare the pricing format that will be supplied to the customer, perform the actual solution design and prepare a parts list outlining equipment to be provided, develop and manage a proof-of-concept as such may be required, engage all technical resources required for an accurate solution design, prepare a network diagram outlining the proposed solution, document all deliverables and what constitutes a successful completion, review the final parts list as supplied and submit all information to the applicable bid team for final assembly, verify the proposal's accuracy and sign off on the final documents to be presented to the client, assist during the final presentation to the client as appropriate.
**Knowledge and Attributes:**
+ Advanced client engagement skills coupled with advance technical consulting ability.
+ May be accountable through team for delivery of tactical business targets.
+ Work is reviewed upon completion and is consistent with departmental objectives.
+ Demonstrate advanced client engagement skills.
+ Advanced understanding of the vendor's products business and technology positioning.
+ Advanced analytical and problem-solving skills, with the ability to assess risks, analyze complex security issues, and propose effective solutions.
+ Ability to collaborate and communicate effectively with team members, contributing to their success.
+ Advanced product knowledge integrated with technology understanding.
+ Advanced knowledge of security domains, including network security, application security, cloud security, data protection, identity and access management, cryptography, and secure coding practices.
+ Advanced proficiency in enterprise architecture principles, frameworks (such as TOGAF), and architectural patterns for designing secure and scalable systems.
+ Advanced understanding of security regulations, standards, and frameworks (such as ISO 27001, NIST, PCI DSS) and their practical application Basic understanding of key vendor subscription models such as Cisco EA 3.0 & Cisco Smart Licensing Model.
+ Advanced ability to use vendor's available CPQ tools such as Cisco CCW and others.
+ Experience with Key Security Vendors solutions such as Cisco, Checkpoint, Palo Alto, Fortinet, ZScaler, F5, and Cyberark
**Academic Qualifications and Certifications:**
+ Bachelor's degree in information technology, computer science or information systems or a related field.
+ Certification and working knowledge of Enterprise Architecture methodologies (for example, TOGAF, Zachman, SOA, ITIL, COBIT, etc.).
+ Software and programming languages, for example, DevSec, DevNet
+ SAFe Scaled Agile certification advantageous.
+ Related Vendor product, sales and technology certifications is a must
**Required Experience:**
+ Advanced professional technical experience within a large scale (preferably multi-national) technology services environment.
+ Advanced experience as a Security Technical Architect or a similar role, designing and implementing security architectures for complex systems and applications.
+ Advanced demonstrable experience in a professional technical role
+ Advanced experience with security technologies and tools, such as firewalls, intrusion detection/prevention systems, SIEM, vulnerability scanners, and secure coding analysis tools.
+ Advanced experience in project management methodologies.
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

We are seeking a skilled and detail-oriented Security Engineer with expertise in Microsoft technologies to join our security engineering and architecture team that provides security services to protect our business. This role will report into our Security Architect and Engineering Manager and will work closely across all IT Teams and business units.

In this role, you will be responsible for implementing, managing, and optimizing security solutions to protect our IT infrastructure, cloud environments, and applications. The ideal candidate will have hands-on experience with Microsoft security tools and technologies, such as Azure, Microsoft 365, Microsoft Purview and Microsoft Defender, and will play a critical role in safeguarding our digital assets.

What You'll Do:

Security Solution Implementation

• Implement, configure, and manage security solutions in Microsoft environments, including Azure, Microsoft 365, Microsoft Defender, Microsoft Purview and other Microsoft security tools.
• Ensure the secure deployment and configuration of Microsoft cloud resources, applications, and services, adhering to security best practices and company policies.
• Set up and maintain security controls such as firewalls including WAFs, VPNs, and endpoint protection across all environments.

Threat Detection and Incident Response

• Monitoring Network security portals and information feeds, responding to security events and escalating incidents where required;
• Investigate and respond to security incidents, performing root cause analysis and ensuring timely mitigation of risks and vulnerabilities.
• Collaborate with the Security Operations team to ensure effective detection and response to threats targeting the firms environments.

Identity and Access Management (IAM)

• Implement and manage identity and access controls in Azure Active Directory (AAD), including multi-factor authentication (MFA), conditional access policies, and role-based access control (RBAC).
• Assist in the deployment of identity governance solutions to secure user access across Microsoft 365 and Azure environments.
• Support the organisation’s adoption of Zero Trust principles within the Microsoft ecosystem.

Vulnerability Management and Risk Assessment

• Regularly assess and monitor Microsoft systems and services for vulnerabilities and security gaps, using tools like Microsoft Defender for Endpoint and Azure Security Centre.
• Collaborate with other teams to ensure timely patching and remediation of vulnerabilities within the environment.
• Perform security assessments and risk analysis for new Microsoft technologies, AI and cloud services.

Security Automation and Optimisation

• Automate security processes and tasks using PowerShell, Azure CLI, and other tools to improve efficiency and response times.
• Optimise security configurations across Microsoft environments to ensure best practices and consistent application of security controls.
• Continuously review and improve existing security processes, tools, and policies.

Compliance and Reporting

• Ensure Microsoft-based systems meet regulatory requirements (e.g., GDPR), internal security standards (ISO, SOC) and policies.
• Assist in security audits and assessments, providing the necessary documentation and evidence to support compliance initiatives.
• Generate regular security reports, dashboards, and metrics using Microsoft security tools to provide visibility into the health and security of Microsoft environments.

Collaboration and Effective Communication

• Work closely with IT, system administrators, and other security teams to coordinate incident response efforts, identify vulnerabilities, and implement mitigation strategies across the Microsoft technology stack.
• Communicate regularly with the Service Delivery managers and Service Delivery team members.
• Ensure that the IT Security documentation is maintained and updated regularly as required.
• Provide guidance and support to internal teams regarding Microsoft security best practices, threat mitigation, and incident response.
• Participate in security projects, including cloud migration efforts, that involve Microsoft technologies, ensuring security is a top priority.
• Provide input to the monthly IT Security report

Who You Are:

• 4+ years of experience in security engineering, with a strong focus on Microsoft environments such as Microsoft 365, Azure, Microsoft Purview, and related Microsoft security products.
• Experience of working in a diverse Global Company;
• Experience in Data Loss Prevention (DLP) and Information Classification tools, Microsoft Purview and Azure Information Protection preferred.
• Understanding of key network and infrastructure security solutions such as firewalls, SD-WAN, WAF, DDoS protection IPS, Web Proxy, etc.
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, SIEM (Sentinel);
• Understanding of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall)
• Knowledge of Intrusion detection/prevention systems (IDS/IPS/WAF) and vulnerability assessment tools (Nessus/Tenable.io/Qualys);
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills;
• Excellent knowledge of different threat scenarios, incident response and remediation techniques;
• Hands on experience of applying security to Windows server, SQL Server and endpoints;
• Knowledge of security technologies (encryption, data protection, permissions, privilege access etc.);
• Knowledge of applying CIS benchmark policies in Azure & O365;
• Experience with Security frameworks, ISO 27001, Cyber Essentials, NIST, PCI;
• Good working knowledge of Active Directory services, including reporting and auditing of Active Directory objects;
• Experience of investigating security issues/incidents;
• Skilled in using scripting tools (PowerShell, MS CLI & VBS).
• Understand Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors
• Experience of dealing with third party security managed service providers;
• Desirable qualifications, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Cloud Security Professional (CCSP) or other similar security certifications or demonstratable experience.
• Good communication (English Writing, Reading and Speaking) skills and ability to articulate subjects clearly.
• Proven analytical and problem-solving skills;
• Strong documentation skills;
• Organised, methodical and self-motivated;
• Keeping abreast of industry trends and security technologies.
• Takes the initiative to proactively resolve issues within own remit and recognises when escalation is required;
• Uses own knowledge and experience to make sounds judgements or assist others with sound judgements;
• Considers the regional and global implications of what we do in our own areas of responsibility;
• Identifies and builds relationships across team and region;
• Understands need to work within project scope, including price;
• Shows understanding of others in order to influence as appropriate.

#J-18808-Ljbffr

This range is provided by Control Risks. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

ZAR560,000.00/yr - ZAR600,000.00/yr

We are seeking a skilled and detail-oriented Security Engineer with expertise in Microsoft technologies to join our security engineering and architecture team that provides security services to protect our business. This role will report into our Security Architect and Engineering Manager and will work closely across all IT Teams and business units.

In this role, you will be responsible for implementing, managing, and optimizing security solutions to protect our IT infrastructure, cloud environments, and applications. The ideal candidate will have hands-on experience with Microsoft security tools and technologies, such as Azure, Microsoft 365, Microsoft Purview and Microsoft Defender, and will play a critical role in safeguarding our digital assets.

Requirements

What You'll Do:

Security Solution Implementation

• Implement, configure, and manage security solutions in Microsoft environments, including Azure, Microsoft 365, Microsoft Defender, Microsoft Purview and other Microsoft security tools.
• Ensure the secure deployment and configuration of Microsoft cloud resources, applications, and services, adhering to security best practices and company policies.
• Set up and maintain security controls such as firewalls including WAFs, VPNs, and endpoint protection across all environments.
  
  
  

Threat Detection and Incident Response

• Monitoring Network security portals and information feeds, responding to security events and escalating incidents where required;
• Investigate and respond to security incidents, performing root cause analysis and ensuring timely mitigation of risks and vulnerabilities.
• Collaborate with the Security Operations team to ensure effective detection and response to threats targeting the firms environments.
  
  
  

Identity and Access Management (IAM)

• Implement and manage identity and access controls in Azure Active Directory (AAD), including multi-factor authentication (MFA), conditional access policies, and role-based access control (RBAC).
• Assist in the deployment of identity governance solutions to secure user access across Microsoft 365 and Azure environments.
• Support the organisation's adoption of Zero Trust principles within the Microsoft ecosystem.
  
  
  

Vulnerability Management and Risk Assessment

• Regularly assess and monitor Microsoft systems and services for vulnerabilities and security gaps, using tools like Microsoft Defender for Endpoint and Azure Security Centre.
• Collaborate with other teams to ensure timely patching and remediation of vulnerabilities within the environment.
• Perform security assessments and risk analysis for new Microsoft technologies, AI and cloud services.
  
  
  

Security Automation and Optimisation

• Automate security processes and tasks using PowerShell, Azure CLI, and other tools to improve efficiency and response times.
• Optimise security configurations across Microsoft environments to ensure best practices and consistent application of security controls.
• Continuously review and improve existing security processes, tools, and policies.
  
  
  

Compliance and Reporting

• Ensure Microsoft-based systems meet regulatory requirements (e.g., GDPR), internal security standards (ISO, SOC) and policies.
• Assist in security audits and assessments, providing the necessary documentation and evidence to support compliance initiatives.
• Generate regular security reports, dashboards, and metrics using Microsoft security tools to provide visibility into the health and security of Microsoft environments.
  
  
  

Collaboration and Effective Communication

• Work closely with IT, system administrators, and other security teams to coordinate incident response efforts, identify vulnerabilities, and implement mitigation strategies across the Microsoft technology stack.
• Communicate regularly with the Service Delivery managers and Service Delivery team members.
• Ensure that the IT Security documentation is maintained and updated regularly as required.
• Provide guidance and support to internal teams regarding Microsoft security best practices, threat mitigation, and incident response.
• Participate in security projects, including cloud migration efforts, that involve Microsoft technologies, ensuring security is a top priority.
• Provide input to the monthly IT Security report
  
  
  

Who You Are:

• 4+ years of experience in security engineering, with a strong focus on Microsoft environments such as Microsoft 365, Azure, Microsoft Purview, and related Microsoft security products.
• Experience of working in a diverse Global Company;
• Experience in Data Loss Prevention (DLP) and Information Classification tools, Microsoft Purview and Azure Information Protection preferred.
• Understanding of key network and infrastructure security solutions such as firewalls, SD-WAN, WAF, DDoS protection IPS, Web Proxy, etc.
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, SIEM (Sentinel);
• Understanding of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall)
• Knowledge of Intrusion detection/prevention systems (IDS/IPS/WAF) and vulnerability assessment tools (Nessus/Tenable.io/Qualys);
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills;
• Excellent knowledge of different threat scenarios, incident response and remediation techniques;
• Hands on experience of applying security to Windows server, SQL Server and endpoints;
• Knowledge of security technologies (encryption, data protection, permissions, privilege access etc.);
• Knowledge of applying CIS benchmark policies in Azure & O365;
• Experience with Security frameworks, ISO 27001, Cyber Essentials, NIST, PCI;
• Good working knowledge of Active Directory services, including reporting and auditing of Active Directory objects;
• Experience of investigating security issues/incidents;
• Skilled in using scripting tools (PowerShell, MS CLI & VBS).
• Understand Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors
• Experience of dealing with third party security managed service providers;
• Desirable qualifications, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Security, Compliance, and Identity Fundamentals, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, Certified Cloud Security Professional (CCSP) or other similar security certifications or demonstratable experience.
• Good communication (English Writing, Reading and Speaking) skills and ability to articulate subjects clearly.
• Proven analytical and problem-solving skills;
• Strong documentation skills;
• Organised, methodical and self-motivated;
• Keeping abreast of industry trends and security technologies.
• Takes the initiative to proactively resolve issues within own remit and recognises when escalation is required;
• Uses own knowledge and experience to make sounds judgements or assist others with sound judgements;
• Considers the regional and global implications of what we do in our own areas of responsibility;
• Identifies and builds relationships across team and region;
• Understands need to work within project scope, including price;
• Shows understanding of others in order to influence as appropriate.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Control Risks by 2x

Sign in to set job alerts for “Security Engineer” roles.

Johannesburg Metropolitan Area 2 hours ago

Johannesburg, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 2 days ago

Johannesburg Metropolitan Area 4 days ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg Metropolitan Area 1 week ago

Johannesburg, Gauteng, South Africa 8 months ago

Johannesburg Metropolitan Area 3 hours ago

Johannesburg, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 1 week ago

Randburg, Gauteng, South Africa 4 days ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg Metropolitan Area 5 hours ago

Midrand, Gauteng, South Africa 2 weeks ago

Cyber Security Specialist (Governance, Risk & Compliance)

Midrand, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 3 days ago

City of Johannesburg, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 1 week ago

Sandton, Gauteng, South Africa 6 days ago

Johannesburg, Gauteng, South Africa ZAR660,000.00-ZAR960,000.00 4 months ago

SAP Security and Authorizations Specialist (f/m/d)

Johannesburg, Gauteng, South Africa 1 week ago

Security Architecture and Engineering Manager

Johannesburg, Gauteng, South Africa 3 days ago

Johannesburg, Gauteng, South Africa 5 days ago

Johannesburg, Gauteng, South Africa 4 months ago

SAP Security and Authorizations Specialist (f/m/d)

Johannesburg Metropolitan Area 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr