Senior Cloud Engineer (AWS Technologies)
Tower Group
- Cape Town, Western Cape
- Permanent
- Full-time
- Overall security for our client group infrastructure.
- Design and implement networks, infrastructure, and firewalls within cloud environments.
- Manage cloud team and consultants.
- Implement CI/CD pipelines.
- Configure, manage, and troubleshoot firewalls to ensure optimal network security and performance.
- Collaborate with cross-functional teams, including network engineers, system administrators, and developers, to setup and maintain networks and security thereof.
- Conduct security assessments and audits to identify vulnerabilities and propose appropriate solutions.
- Develop and maintain documentation, including network diagrams, configuration guides, and standard operating procedures related networks and security.
- Stay up to date with the latest AWS security features, FortiGate firewall technologies, and industry trends to provide recommendations for improving network security and performance.
- Participate in incident response and perform root cause analysis for security-related incidents.
- Provide technical guidance and mentorship to junior team members on network and security configurations and best practices.
- Bachelor's degree in computer science, information technology, or a related field. Relevant certifications e.g. AWS Certified Security Specialty, Fortinet NSE will be beneficial.
- Proven experience in cloud networks and security, specifically in AWS environments.
- In-depth knowledge of AWS services and features, such as VPC, EC2, IAM, S3, CloudTrail, CloudWatch, AWS WAF, Route53, secrets manager, and AWS Security Hub.
- Strong expertise in configuring and managing FortiGate firewalls, including FortiOS, firewall policies, VPN configurations, and advanced threat protection features.
- Solid understanding of network protocols, security standards (e.g. SSL/TLS, IPsec), and networking concepts (e.g. routing, subnetting, load balancing).
- Experience with network security tools, such as intrusion detection and prevention systems (IDS/IPS), web application firewalls (WAF), and vulnerability scanners.
- Proficient in scripting and automation using languages like Python, PowerShell, or Bash to streamline security operations.
- Excellent problem-solving skills and the ability to analyse complex network security issues.
- Strong communication skills to effectively collaborate with cross-functional teams and present technical information to both technical and non-technical stakeholders.
- Ability to work in a fast-paced environment and manage multiple priorities simultaneously.
- Experience with cloud platforms and networks, such as AWS, Microsoft Azure or Google Cloud Platform (GCP).
- Familiarity with DevOps practices and tools, including infrastructure as code (IaC) using Terraform or AWS CloudFormation.
- Knowledge of other security technologies and solutions, such as intrusion prevention systems (IPS), data loss prevention (DLP), and SIEM platforms.
- Experience with network monitoring and logging solutions, such as AWS CloudWatch, Elastic Stack, Splunk etc.
- Experience in banking security will be highly beneficial.
- Experience in setting up network peering will be beneficial.