Security Engineer Data Security needed at Standard Bank Group

Job Description

Data Loss Prevention (DLP)

• Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams
• Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.
• Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS).
• Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office 365)

• Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies.
• Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.
• Configure Safe Links, Safe Attachments, and ATP policies.
• Support investigations of email-based threats and data leakage attempts.

Web Security (Forcepoint and DMARC)

• Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.
• Investigate web-based threat alerts and policy violations.
• Assist in integration of web security controls with broader DLP and SIEM tools.
• Provide guidance for policy tuning and user experience improvements.
• Manage, Maintain and Support DMARC to ensure Email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks)

• Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control.
• Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.
• Review access logs, user behaviour, and cloud application usage for anomalies.
• Coordinate with network and identity teams to streamline SSE enforcement.

Monitoring, Reporting & Incident Response

• Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed.
• Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.
• Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.
• Maintain documentation and support audit readiness.

Experience

• 5+ years in IT Security roles, with at least 2–3 focused on data security.
• Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools.
• Exposure to regulated environments with compliance reporting (e.g., financial services)
• Soft Skills
• Detail-driven with strong analytical skills.
• Clear communicator, especially when engaging end-users on policy violations or tuning.
• Able to balance risk mitigation with operational practicality.
• Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications

• Bachelors Degree in Computer Science (advantageous)
• Microsoft Certified: Information Protection Administrator Associate (SC-400)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Forcepoint Certified Professional (or relevant product training)
• General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus