OM Bank - Cloud Security Engineer

Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

At OM Bank, we strive to attract great people who are passionate about coming together for a higher purpose—building something unique and aspirational, always aiming to be the best they can be. We are rooted in our purpose of inspiring and enabling our customers to grow and sustain their prosperity.

The Cyber Cloud Security Engineer is responsible for implementing and maintaining the organisation’s cloud and endpoint security controls across a predominantly AWS ecosystem. Reporting to the DevSecOps Lead, the role ensures that identified risks and vulnerabilities are technically addressed through automation, engineering, and secure configuration.

This position serves as the technical foundation for cyber defence and risk management, enabling proactive threat detection, secure infrastructure delivery, and rapid response to incidents in alignment with the bank’s cloud-native and regulatory commitments.

Operating within a highly regulated digital banking environment, the Cyber Cloud Security Engineer safeguards critical systems hosted on AWS and Microsoft platforms through secure architecture, infrastructure‑as‑code (IaC) governance through to endpoint protection and the integration of such systems.

The Engineer collaborates closely with Cyber Risk Analysts, DevSecOps, and the Cyber Defence Team to implement secure configurations, respond to threats, and drive compliance automation.

The role demands hands‑on technical expertise across AWS security services, Azure endpoint and identity tooling, and a strong understanding of modern cloud security patterns and zero‑trust principles.

• Cloud Security Implementation: Deploy, configure, and optimize AWS security services (GuardDuty, Security Config, KMS, IAM, VPC, Route 53, and EKS security features).
• Infrastructure as Code (IaC) Hardening:
  Embed security best practices in Terraform and CloudFormation; integrate scanning and security checks in CI/CD pipelines using GitHub Actions and ArgoCD.
• Identity and Access Management:
  Support Azure AD / Entra ID governance, conditional access, RBAC, and access package reviews to maintain least‑privilege principles by utilizing terraform.
• Incident Response Collaboration:
  Assist in cyber incident investigations, performing forensic data collection, root‑cause analysis, and containment support.
• Threat Detection & Automation:
  Assist in improving Sentinel detections, enrich GuardDuty alerts, and build automated playbooks for response and remediation.
• Risk Remediation Execution:
  Translate cyber risk findings from analysts into actionable engineering tasks and verify implemented mitigations.
• Security Tooling Integration:
  Assist in Integrating cloud, endpoint, and DNS inspection tools with SIEM and SOAR platforms to strengthen detection and response capabilities.
• Compliance & Audit Support:
  Provide evidence and configuration documentation to support internal audit, regulatory, and external assurance activities.
• Continuous Improvement:
  Enhance automation, logging, and compliance posture through “Security as Code” principles and self‑service operational tooling.

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.

• AWS Certified Security – Specialty
• AWS Certified Solutions Architect (Associate or Professional)
• Microsoft Certified: Security Operations Analyst Associate
• Terraform Associate (HashiCorp Certified)
• CompTIA Security+ or CySA+

• 3–5 years’ experience in cloud or cyber security engineering, with strong AWS exposure.
• Demonstrated experience in Terraform, CloudFormation, CI/CD pipeline security, and configuration compliance.
• Familiarity with SIEM/SOAR operations (Microsoft Sentinel preferred).
• Exposure to incident response, forensics, and vulnerability management.
• Working knowledge of security frameworks: NIST CSF, CIS Controls, ISO 27001

Join a modern, cloud‑native digital bank where cybersecurity is a strategic differentiator. As part of the Cloud Security DevSecops team, you’ll work with cutting‑edge AWS and Microsoft security tooling to defend one of South Africa’s most innovative financial platforms.

You’ll gain exposure to advanced automation, DevSecOps, and incident response workflows — collaborating directly with Cyber Defence, Risk, and DevSecOps teams to shape secure‑by‑design operations.

Here, you will be empowered to engineer security, automate resilience, and influence real‑world change in how digital banking remains safe, compliant, and trusted.

Adaptive Thinking, Application Development, Computer Literacy, Confidentiality, Data Compilation, Data Compression, Data Controls, Data Modeling, Data Privacy, Data Recovery, Digital Literacy, Gateway Servers, IT Network Security, Probing Questions, Test Case Management

Action Oriented Communicates Effectively Cultivates Innovation Ensures Accountability Manages Complexity Nimble Learning Optimizes Work Processes Persuades

NQF Level 7 - Degree, Advance Diploma or Postgraduate Certificate or equivalent

03 November 2025 , 23:59

The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question.