It Security Officer – Cloud & Infrastructure (Remote)

ENVIRONMENT: Define, implement and maintain the security posture across AWS, Microsoft Azure, and Microsoft environments of a fast‑paced eCommerce platform. This role ensures the confidentiality, integrity, and availability of cloud systems and corporate data supporting the company's global retail and eCommerce operations. The successful candidate will balance hands‑on cloud security expertise with strong governance, risk management, and reporting capabilities – ensuring security enables business growth while maintaining compliance and resilience.

• Cloud Security Management (AWS & Azure): Maintain secure configurations across AWS and Azure environments. Manage IAM, RBAC, encryption, and network security for cloud resources. Optimize cloud-native security tools (e.g., AWS GuardDuty, Security Hub, Azure Defender, Sentinel).
• Conduct regular vulnerability scans, posture assessments, and configuration reviews.
• Support Data Engineering teams in implementing secure CI/CD pipelines and IaC security standards.
• Microsoft Security & Compliance: Administer Microsoft security configurations, Defender for Office, and DLP policies. Enforce MFA, Conditional Access, and Zero Trust principles across all users and devices. Manage identity governance via Entra ID (Azure AD) and integration with other SaaS systems. Monitor alerts from the Microsoft Security & Compliance Center and remediate as needed.
• Governance, Risk, and Compliance (GRC): Maintain and enhance IT security policies and standards aligned with ISO *****, NIST CSF, and CIS Benchmarks. Perform security risk assessments, vendor due diligence, and internal compliance reviews. Support regulatory compliance (GDPR, POPIA, CCPA, etc.) and internal/external audits. Develop and maintain security documentation, including asset inventories, data flow maps, and risk registers.
• Incident Response and Threat Management: Lead detection, response, and recovery activities for cloud and Microsoft incidents. Coordinate with internal teams and external MSSPs for threat investigation and remediation. Maintain and test incident response playbooks and escalation workflows. Report and document incidents with root cause analysis and recommended mitigations.
• Identity, Access, and Endpoint Security: Oversee centralized identity management through Azure AD / Entra ID integrated with AWS IAM and SSO. Enforce least privilege access, role-based permissions, and secure authentication methods. Ensure endpoint compliance through Defender for Endpoint or equivalent solutions. Monitor device posture and remediate policy violations proactively.
• Security Awareness and Collaboration: Conduct Cybersecurity awareness training and phishing simulations across the business. Partner with IT operations, Data Engineering, and Enterprise Systems teams to embed "security by design." Collaborate with business leaders to align security strategy with operational goals.

• Qualifications: Bachelor's Degree in Computer Science, Information Technology, or Cybersecurity (or equivalent experience).
• Preferred Certifications: CISSP, CCSP, or CISM; AWS Certified Security – Specialty; Microsoft Certified: Cybersecurity Architect Expert or Azure Security Engineer Associate; pTIA Security+ or CEH.
• Experience/Skills: 5+ years in IT Security roles with cloud focus (AWS, Azure, and Microsoft). Deep knowledge of AWS Security Tools (GuardDuty, Security Hub, CloudTrail, WAF, KMS). Strong knowledge of Azure Security Tools (Defender, Sentinel, Policy, Blueprints). Proficiency with Microsoft Security: Defender Suite, DLP, Intune, Entra ID. Understanding of Network & Endpoint Protection, SIEM, Vulnerability Management. Familiarity with SSO, SAML, OAuth, and Zero Trust frameworks. Knowledge of ISO *****, NIST, SOC 2, and GDPR compliance frameworks.

• Analytical, detail-oriented, and proactive in identifying risks.
• Able to communicate complex security issues to non-technical stakeholders.
• Balances governance with operational pragmatism.
• Strong collaboration and leadership capabilities.

While we would really like to respond to every application, if you are not contacted for this position within 10 working days please consider your application unsuccessful.

It Security Officer Cloud Infrastructure Remote • Cape Town, Western Cape