Senior Security Operations Engineer at Lula

Senior Security Operations Engineer at Lula WHAT WE DO Lula is an innovative and human-focused FinTech company on a mission to help small businesses optimise their cash flow. Our purpose is to help SMEs manage their businesses better, faster, and more simply, so they can spend more time doing what they love. If youre looking for a new place to call home that believes in the potential of the broader SME landscape in South Africa and a place where youll work with awesome people - then Lulas the place for you Were making business banking fast, human, Lula OUR VALUES Collaborative - were a clan and work together as a team, always towards a common goal Committed - were accountable and follow through no matter the challenge Curious - we look for better ways to do things and make a positive difference Connected - we stay close to, learn from and look to understand each other and our customers Compassionate - we go out of our way to care about our colleagues, our customers and our community OVERALL PURPOSE We are looking for a Senior Security Operations Engineer to join our team. The successful candidate will be responsible for securing, monitoring, and maintaining the overall security posture of our Azure platform and infrastructure, as well as our on-site networks and systems. You will work closely with all departments and teams to implement and provide guidance on security best practices and regulatory compliance. As a Senior Security Operations Engineer, you will also be responsible for identifying and responding to security incidents and conducting security assessments, audits and simulations. Responsibilities will include: Infrastructure Security: Partner with our Infrastructure team to design, implement and manage security controls and policies for our Microsoft Azure Infrastructure Partner with our Engineering teams to ensure that code deployed on Lulas infrastructure is done securely Conduct regular security assessments and audits of Azure and internal infrastructure and platforms, including vulnerability scanning and penetration testing Identity Security: Manage and regularly audit our privileged accounts to ensure access remains relevant and required Design, implement and manage policies and controls to secure Lulas accounts and access to our resources using Microsoft Entra ID toolsets Provide security awareness training to the business to improve our security posture Perform security incident/phishing simulations to ensure our processes and training are robust and effective On-Premise Security: Monitor and manage Lulas access control and camera systems Provide guidance and support to internal departments on handling of confidential information Partner with our Technical Support team to ensure Lulas network and endpoints are configured securely and monitored for threats Regulatory Compliance and Governance: Be a critical part of Lulas PCI DSS annual re-certification process Develop and maintain security documentation including policies, procedures and technical standards that adhere to compliance requirements Collaborate with external auditors and partners to ensure compliance with various regulatory requirements and industry standards Security Incident Management: Be the key point of contact for security incident and alert investigations Develop remediation plans, conduct Root Cause Analysis and provide corrective and preventative measures during Post Incident Reviews Participate in on-call rotation to provide 24/7 support for Security Incidents THE COMPETENCIES WERE AFTER High attention to detail Ability to work collaboratively Self-motivated Highly credible and trustworthy Open and honest Quick learner Problem solver Strong planning skills and ability to prioritise Strong leadership skills including mentoring and coaching Adaptable and flexible and resilient to change and ambiguity Articulate and approachable Process driven THE SKILLS AND EXPERIENCE WERE LOOKING FOR Tertiary qualification in Computer Science, Information Security, or equivalent experience 5 years of experience in a SecOps field using Microsoft technologies Expert knowledge of Microsoft security features, including Azure Defender for Cloud, Azure Sentinel, Entra ID, Privileged Identity Management, Intune and Defender for Endpoint Experience with security assessments and audits, including vulnerability scanning, penetration testing and incident simulations Familiarity with industry standards and regulatory requirements, such as POPIA, PCI DSS and ISO 27001 Familiarity with security related network technologies such as firewalls & VPNs Azure or Cyber Security certifications, such as Azure Security Engineer Associate, Azure Solutions Architect Expert or CISSP are a plus

Location: Western Cape, ZA

Posted Date: 3/8/2025