Manager: Network Security

**Who are we?**

Sanlam Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. We operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Sanlam.

**What will you do?**

**What will make you successful in this role?**
- Maintain an up-to-date understanding of the hybrid network environment (on-premises, Azure, and AWS) and industry trends to identify risks, control weaknesses, or improvement opportunities and communicate these to management.
- Oversee the security configuration, hardening, and continuous monitoring of firewalls, routers, load balancers, and cloud network security controls (e.g., Security Groups, Network ACLs, NSGs).
- Ensure that network-level security tooling (e.g., IDS/IPS, firewalls, NDR, packet brokers, and flow analysis systems) is effectively managed, tuned, and monitored for anomalous activity.
- Handle alerts and incidents identified by network-focused security systems in close collaboration with the CSIRT, Runtime Security, and Infrastructure Operations teams.
- Drive timely investigation and remediation of network-related vulnerabilities, misconfigurations, or exposed endpoints detected by vulnerability management or cloud-native security platforms.
- Develop, document, and maintain network security baselines and standards across all environments, ensuring alignment with architectural and compliance frameworks.
- Oversee segmentation design and enforcement across environments to minimize lateral movement and ensure appropriate isolation of critical systems.
- Collaborate with Cloud and Application Security teams to validate secure network architectures for new deployments and services.
- Provide regular reporting on network security posture, key incidents, and emerging risks to management and governance forums.
- Identify and implement opportunities for automation and operational improvement in network security monitoring, alerting, and incident response workflows.
- Manage and mentor the Network Security team, ensuring skills development, performance management, and a culture of accountability and continuous improvement.
- Act as the escalation point for complex network security issues, providing expert guidance and technical direction.
- Contribute to and maintain the playbooks and procedures for network security incident response in collaboration with CSIRT.
- Advise and support security architects and project teams in designing secure network solutions, ensuring that network security controls are integrated throughout the project lifecycle from planning to implementation and review.
- Participate in project meetings and architecture reviews to proactively identify and address network security risks and control gaps.
- Qualifications & Experience

**Formal Education**
- Matric
- Bachelor’s degree in computer science, Information Technology, or related field; master's degree preferred.

**Security Certifications**
- Network+ and/or Security+ certification

**Networking & Platform-Specific**
- CCNP Security or equivalent (e.g., Fortinet NSE4+, Palo Alto PCNSE)

**Preferable**
- AWS Certified Advanced Networking - Specialty
- Azure Network Engineer Associate or Azure Security Engineer Associate
- Terraform Associate or DevNet certifications for automation-aligned roles
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Professional)

**Experience**
- 5-10 years of total experience in IT infrastructure, networking, or security, with at least 5 years in network security roles.
- 1-3 years in a leadership or management capacity, preferably leading a team of network or security engineers.
- Proven experience managing hybrid environments—traditional datacenter networks, cloud-native constructs (AWS VPCs, Azure VNets), and interconnects (ExpressRoute, Direct Connect, VPNs, SD-WAN) from a network security perspective.
- Hands-on experience with network security tooling: firewalls (e.g., Fortinet, Check Point), IDS/IPS, NDR (DarkTrace), and cloud-native equivalents (AWS Network Firewall, Azure Firewall, etc.).
- Demonstrated success in incident response collaboration—working with SOC/CSIRT teams on network-related incidents.
- Experience developing and enforcing network segmentation, zero trust principles, and secure connectivity patterns across multi-cloud architectures.
- Familiarity with infrastructure automation and observability, e.g., Terraform, Ansible, and network telemetry tools like VPC Flow Logs, Azure NSG Flow Logs, or NetFlow.
- Exposure to compliance and governance frameworks such as ISO 27001, NIST CSF, CIS Controls, etc.

**Technical Competencies**
- Deep understanding of TCP/IP, routing, VPNs, DNS, TLS, etc.
- Solid working knowledge of AWS and Azure network s