Lead – Cybersecurity Operations & Amp; Cloud Resilience (Gauteng) needed at Sun International

Description

• Safeguard Sun International’s technology assets and data by leading security operations and resilience initiatives across on-prem and cloud environments.
• Drive proactive threat detection, incident response, and vulnerability management, while embedding Shift‑Left security practices into development and IaC workflows.
• Take full ownership of cloud security posture, ensuring continuous monitoring, compliance, and risk reduction aligned with business objectives and regulatory requirements.
• Operate and optimise SIEM/SOAR for automated threat detection and incident response.
• Lead full incident response lifecycle and drive preventative improvements.
• Manage vulnerability and patch management aligned to risk-based SLAs.
• Oversee cloud security posture across Azure and AWS.
• Monitor for misconfigurations, policy violations, and compliance gaps.
• Implement and maintain automated CSPM tools, dashboards, and baselines.
• Conduct regular cloud posture reviews and work with DevOps/architects to ensure secure deployments.
• Integrate CSPM checks into CI/CD pipelines.
• Embed security early in SDLC with DevSecOps practices.
• Implement SAST/DAST and dependency scanning within CI/CD.
• Define secure coding standards and enforce security gates.
• Review and harden IaC templates (Terraform, CloudFormation, ARM/Bicep).
• Apply policies-as-code and automated compliance checks for IaC deployments.
• Monitor IaC-related security incidents and coordinate remediation.
• Strengthen IAM, MFA, conditional access, and Zero Trust controls.
• Maintain Joiner-Mover-Leaver processes and privileged access governance.
• Ensure AD/Entra ID hygiene and run regular access reviews.
• Align controls with POPIA, GDPR, ISO 27001, and NIST.
• Prepare audit-ready evidence and documentation.
• Report KPIs/KRIs like misconfiguration trends, MTTD/MTTR, and patch compliance.
• Deliver targeted security training for developers and DevOps teams.
• Promote secure coding and IaC security practices across squads.

Core behavioural and Technical / proficiency competencies:

• Technical expertise in SIEM/SOAR, CSPM, IaC security, identity governance, and secure SDLC practices.
• Strategic risk-based decision-making and influencing skills.
• Ability to collaborate across IT, DevOps, and business teams to embed security culture

Requirements

• Minimum 8+ years in cybersecurity operations, risk management, and incident response.
• At least 2 years in cloud security engineering with hands-on IaC and CI/CD integration experience.
• Strong background in IAM, network security, encryption, and vulnerability management.
• Bachelor’s degree in Information Systems, Computer Science, or equivalent
• Preferred Certifications: CISSP, CISM, Certified Cloud Security Professional (CCSP), GIAC Cloud Security (GCSA), or equivalent industry-recognised credentials.
• Advantageous: Vendor specific certifications