Security Engineer (Identity, Endpoint & Data Protection) Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this. We strive to attract great people who are passionate about building something unique and aspirational, always aiming to be the best they can be. This role focuses on implementing, maintaining, and continuously improving security controls across the Endpoint and User Ecosystem. Key Result Areas Identity & Access Management: Manage and optimise Azure AD / Entra ID, Conditional Access, PIM, MFA, RBAC, and access package lifecycle governance. Endpoint Security & Compliance: Administer endpoint protection tooling with compliance baselines, ensure encryption, patching, and secure configuration of all managed devices. Data Loss Prevention & Information Protection: Configure and maintain Microsoft Purview DLP, sensitivity labels, and information governance policies across M365 (Exchange, SharePoint, Teams, OneDrive). Vulnerability Management: Operate Microsoft Defender Vulnerability Management, track, prioritise, and remediate vulnerabilities in coordination with system owners. Automation & Policy Deployment: Build and deploy automated policies using Intune, PowerShell, and Graph API to enforce consistent security posture. Threat Detection Enhancement: Fine‑tune Defender and SIEM detections to reduce false positives and improve coverage of endpoint, identity, and DLP telemetry. Compliance Reporting: Generate dashboards and reports for device compliance, privileged access, DLP violations, and vulnerability metrics. Continuous Improvement: Contribute to the ongoing maturity of the Endpoint and User security ecosystem and adoption of Zero Trust, “Security as Code,” and automation. Role Requirements 2–4 years in Microsoft 365 / Azure security engineering or equivalent enterprise security operations. Proven experience managing Intune, Defender for Endpoint, and Entra ID conditional access policies. Hands‑on experience with Microsoft Purview DLP and sensitivity labelling across cloud services. Familiarity with Defender Vulnerability Management and integration into SOC workflows. Exposure to Sentinel and SOAR automation playbooks. Understanding of NIST CSF, CIS Controls, ISO 27001, and Zero Trust principles. Nice to have – Experience with Terraform and DevOps processes on GitHub. Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience. Preferred certifications: Microsoft Certified: Security Operations Analyst Associate; Microsoft Certified: Identity & Access Administrator Associate; Microsoft Certified: Information Protection Administrator Associate; Microsoft 365 Certified: Enterprise Administrator Expert; CompTIA Security+ / CySA+ / MS-500. Benefits & Why Join Us As part of the Cloud Security Operations team, you will: Engineer and protect the identity, data, and devices that power our business. Shape and secure our endpoint and User environments in a fast‑paced, cloud‑native environment. Collaborate across Cyber Defence, Risk, and Cloud Engineering functions, developing automation and intelligence that drive resilience, regulatory compliance, and customer trust. Be empowered to secure identity, protect data, and enable innovation at the forefront of South African digital banking. Core Competencies Action Planning, Adaptive Thinking, Computer Literacy, Data Classification, Data Compilation, Data Controls, Data Modelling, Data Recovery, Digital Literacy, Information Technology Support, Legal Practices, Numerical Aptitude, Report Review, Test Case Management. Collaboration, Communication, Innovation, Decision Quality, Accountability, Complexity Management, Nimble Learning, Optimisation of Work Processes. Education NQF Level 7 – Degree, Advanced Diploma or Postgraduate Certificate or equivalent. Closing Date 03 June 2026, 23:59 #J-18808-Ljbffr