Position Title

Engineering Manager - Cyber Security

Reports To

Director Engineering - DevOps, Security and Corporate IT

Position Summary

We seek an experienced CyberSecurity Engineering Manager with a strong background in Engineering, DevOps and Infrastructure to build and oversee our Cyber Security operations and governance standards. 

This new role will be responsible for securing our cloud infrastructure, applications deployed in AWS, data protection, and our Corporate IT infrastructure. The ideal candidate will demonstrate expertise in AWS solutions, with experience in establishing Cyber Security processes, Cyber Security Operation Centers and Incident response plans. 

This role is for an experienced individual who will build a Cyber Security practice at PropertyFinder and grow the practice to govern code best practices, infrastructure best practices and interface with auditors. This role will be a conduit between DevOps, Engineering and Corporate IT, as well as on all things related to Cyber Security. You will provide comprehensive reports and frequent presentations to C-level and the Engineering leadership team. 

Key Responsibilities

Security Management:

• Manage, recruit and enable a team of Cyber Security engineers and analysts
• Oversee the career development and growth of Cyber security engineers and analysts
• Oversee the development and enforcement of security protocols and infrastructure security.
• Monitor all cloud and corporate IT infrastructure for Cyber Security related events.
• Rollout best practices for application security, identity and data protection across our marketplace product portfolio and developer platforms
• Maintain all security tools and technology across the environment.
• Document and Monitor internal and external Cyber policy compliance and posture. 
• Ensure compliance with industry standards and regulations in cybersecurity.
• Develop strategies for risk management, data protection, and incident response.
• Stay abreast of emerging security threats and implement proactive measures.
• Establish escalation processes and be part of the on-call escalation process.
• Be an escalation point for the on-call roster for the Cyber security operations centre (SOC)
  
  

Desired Qualifications & Experience

• Certification in information security (CISSP, CSSLP, CCFP, CISM, etc.) or comparable work experience
• Demonstrate experience managing Cyber Security Initiatives with deep hands-on technical expertise
• Professional experience in effective cybersecurity management, including 
• incident management and evidence gathering, 
• change management and participating in Change and Emergency Change Boards
• conducting risk analysis/assessments, 
• undertaking cyber security reviews 
• developing and communicating policy changes 
• providing guidance and advice to end users
• Expert knowledge in role-based access control (RBAC), SAML Authentication and Authorisation. 
• Experience with SIEM monitoring tools (Splunk, Elastic or similar), log aggregation, and correlation.
• Strong scripting skills (Bash, Python, Go) to automate operational tasks
• Passion for developing people, building inclusive teams, and coaching
• AWS Certified Solutions Architect or AWS Certified Security Speciality
• Extensive hands-on experience with AWS services including EC2, ELB, Auto Scaling Groups, VPC, IAM, WAF, S3, CloudFront, Route 53, RDS, EKS, Lambda, CloudWatch, CloudTrail
• Ability to apply AWS's well-architected framework and best practices for security, reliability, performance efficiency, and cost optimisation
• Strong understanding of AWS shared responsibility model and best practices for securing cloud resources
• Excellent communication, collaboration and stakeholder management acumen
• Knowledge of data governance, security, privacy and compliance protocols
• Minimum 8 years of Cyber Security experience.