Intermediate Identity and Endpoint Security Engineer

BETSoftware

Job Description

  • IAM expertise: RBAC, access reviews, identity lifecycle, SSO, MFA, conditional access, PAM, Zero Trust
  • Endpoint security: EDR/XDR, MDM/UEM, hardening, patching, compliance, and incident response
  • Data protection: DLP, data classification, sensitivity labelling, retention policies, regulatory compliance
  • Email & collaboration security: phishing/BEC detection, malware analysis, URL protection, SharePoint/OneDrive security
  • Automation: user/device provisioning & deprovisioning, security workflows, basic scripting (PowerShell/Python)
  • Incident response: ransomware, phishing, malware, identity threats, and data loss events
  • Governance & risk: security metrics, reporting, audits, risk assessments, and policy enforcement
  • Strong analytical skills, problem-solving, cross-team collaboration, and continuous security improvement

Responsibilities

Identity Security

Implement and support identity and access management (IAM) processes, including:

  • Role-based access control (RBAC) assignments
  • Access reviews and certifications
  • Group and permission management

Support And Maintain

  • Single Sign-On (SSO) integrations
  • Multi-Factor Authentication (MFA) enforcement
  • Conditional access policies

Assist In The Administration Of

  • Privileged Access Management (PAM) solutions
  • Identity Governance processes

Perform periodic access reviews and identify excessive or inappropriate privileges.

Support the enforcement of least privilege and Zero Trust principles.

Collaborate with all teams to ensure correct access provisioning and governance.

Endpoint Security

Operate And Maintain Endpoint Security Tools Including

  • Endpoint Detection and Response (EDR/XDR)
  • Anti-malware solutions
  • Mobile Device Management (MDM) / UEM platforms

Assist with endpoint hardening and configuration baselines.

Support patching and vulnerability remediation efforts in collaboration with infrastructure teams.

Ensure endpoint compliance with organizational security policies.

Assist in device onboarding, provisioning, and secure configuration.

Support incident response activities related to compromised or non-compliant devices.

Drive Automation Of

  • Endpoint provisioning and de-provisioning
  • User provisioning and de-provisioning
  • Compliance monitoring
  • Threat containment and isolation workflows

Data Protection

Implement and operate Data Loss Prevention (DLP) capabilities across endpoints, email, and collaboration platforms.

Assist In The Implementation And Management Of

  • Data classification and sensitivity labelling
  • Data protection policies across email, file storage, and endpoints
  • Data lifecycle and retention controls

Support enforcement of data protection policies aligned with business and regulatory requirements.

Email Security

Operate and maintain email security controls (e.g. Mimecast or similar platforms), including:

  • Anti-phishing and impersonation protection
  • Anti-malware and attachment scanning
  • URL protection and link rewriting

Monitor And Investigate Email Security Alerts, Including

  • Phishing attempts
  • Business Email Compromise (BEC)
  • Malicious attachments and links

Assist in tuning email security policies to improve detection and reduce false positives.

Collaborate across the business to reduce risks associated with account compromise and email-based attack vectors.

Collaboration & Data Exposure Controls

Assist in securing collaboration platforms (e.g. SharePoint, OneDrive, file shares), including:

  • External sharing controls
  • Data access restrictions
  • Misconfiguration and exposure risk identification

Investigate and respond to security incidents and escalations across identity, endpoint, data protection, and email domains, including ransomware, malware outbreaks, device compromise investigations, DLP events, and phishing attempts.

Governance, Metrics & Risk

Assist in tracking and reporting on key metrics such as:

  • MFA adoption
  • Endpoint compliance
  • Patch status
  • Access review completion
  • Data classification and labelling
  • Email security statistics
  • Document incidents, findings, and remediation actions
  • Support audit activities and provide evidence for identity and endpoint controls
  • Identify opportunities for automation and process improvements
  • Stay up to date with emerging threats and vulnerabilities related to identity and endpoints
  • Conduct risk assessments related to identity systems and endpoint environments
  • Research and conduct proof of concepts for new identity and endpoint security technologies
  • Continuously assess emerging threats such as identity-based attacks, phishing, token theft, ransomware, and zero-day exploits

Qualifications

Required Qualifications

3–5 years of experience in identity security, endpoint security, or IT security roles.

Hands-on Experience With

  • Microsoft Entra ID / Azure AD or equivalent IAM platforms
  • Active Directory (on-prem and hybrid)
  • SSO and MFA implementations
  • PAM solutions
  • EDR/XDR platforms
  • MDM/UEM solutions
  • Endpoint hardening and security baselines
  • Data Loss Prevention (DLP) technologies
  • Email security platforms (e.g. Mimecast or similar)

Solid Understanding Of

  • Zero Trust Concepts
  • Identity and access management principles
  • Endpoint security and hardening
  • Access control models (RBAC, ABAC)
  • Scripting/automation (PowerShell, Python, Bash, etc.)
  • Log analysis, security monitoring, and incident response
  • Experience with incident investigation and troubleshooting

Certifications in relation to the above criteria.