Share this Job
Apply now »

Security Engineer

Business Unit:  Discovery Bank
Function:  Information Security
Date:  13-Jan-2022

About Discovery


Discovery’s core purpose is to make people healthier and to enhance and protect their lives. We seek out and invest in exceptional individuals who understand and support our core purpose, and whose own values align with those of Discovery. Our fast-paced and dynamic environment enables smart, self-driven people to be their best. As global thought leaders, Discovery is passionate about innovating in order to not only achieve financial success, but to ignite positive and meaningful change within our society.

About Discovery Bank

Discovery Bank is the world's first behavioural bank. Our main goal is to improve your financial health by helping change how you work with your money. Through Vitality Money, you'll learn more about what it means to be financially healthy and you'll get rewarded for managing your money well. Track your progress easily on our app and steadily improve your Vitality Money status. You'll get rewarded as you get financially healthier.We are looking for smart, energetic, experienced and dynamic achievers who take initiative and ownership, are passionate about dazzling clients, and who thrive on constant challenges and high-speed change to join us on this journey.
We welcome inspired, positive and committed people to apply for jobs in Discovery Bank where you will be liberated to realise your full potential.

Key Purpose

The Security Engineer is responsible for designing and building security solutions for Discovery Bank. The incumbent will develop and integrate security solutions for application systems, projects and applied technologies, also solving for technical problems and challenges that arise.

Areas of responsibility may include but not limited to

•    Acquiring a detailed understanding of business processes and applications.
•    Translating technology and environmental conditions (business, legal and regulatory requirements) into the security design for applications and business processes.
•    Proactively engaging in all stages of the development lifecycle to ensure that solutions are securely designed, built, verified, deployed and maintained.
•    Test security solutions to ensure they have been implemented correctly.
•    Analyse and implement solutions for existing security concerns.
•    Perform risk and threat modelling as part of security assessments and solution design.
•    Participate in resolution of incidents in order to engineer requisite solutions.
•    Deliver report, papers and track issues to resolution.
•    Define, implement and maintain security policy and security standards.
•    Evaluate new technologies and processes that enhance security capabilities for the bank.
•    Collaborate with colleagues on and provide thought leadership on security topics e.g. authorisation, authentication, encryption, integration solutions, etc.  

Personal Attributes and Skills

•    Values driven.
•    Facilitation and conflict resolution capabilities, and builds working relationships.
•    Problem solving and analytical capabilities.
•    Excellent written and verbal communication skills, with the ability to convey technical detail in clear and concise manner.
•    Ability to work under time constraints with minimal supervision in an agile environment.
•    Looks for ways to optimise and automate solutions and testing in continuous integration/development and deployment environments.
•    Willingness to both issue and accept challenges to analytical problems.
•    Knowledge of Banking products, processes and systems is an advantage.

Education and Experience

•    Bachelors of Science degree in computer/electronic engineering or software programming background.
•    At least 3-5 years’ experience software development/engineering within banking or financial institutions.
•    Experience with popular programming languages and frameworks e.g. Javascript, Node,  Java, Spring, .Net, etc.
•    Experience with integration protocols and technologies e.g. SOAP, REST, JSON, XML, etc.
•    Solid understanding of cloud, virtualisation and containerisation security.
•    Solid understanding of modern federated authentication and authorization frameworks e.g. SAML, OIDC, ADFS, OAuth2, etc.
•    Working experience with network security and mainstream operating systems e.g. Linux, Windows, etc.
•    Working knowledge of data protection best practices (at rest, in flight and in use).
•    Experience with encryption protocols, technologies and techniques.
•    Experience working with product teams specifying secure application requirements.
•    Certifications advantages CISSP, CEH, ISACA CRISC/CISM, CISSP-ISSAP, CISSP-CSSLP, CSK, CCSP, etc.
•    Working knowledge of security architecture concepts (e.g. SABSA)
•    Knowledge of SAP security, micro-services & API security is considered an advantage.
•    Working knowledge of tools such as log management and log analytics tools e.g. splunk is advantageous.
•    Experience building monitoring dashboards and management reporting is considered advantageous.

Apply now »