Sen Specialist: IT Security Engineer x2 (FTC) (Microsoft Azure Security)

The South African Revenue Service (SARS) is the nations tax collecting authority. Established in terms of the South African Revenue Service Act 34 of 1997 as an autonomous agency, we are responsible for administering the South African tax system and customs service. Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation and exportation of goods; facilitate trade; and advise the Minister of Finance on all revenue matters Job Purpose

To be responsible for identify shortcomings in SARS processes, gaps in systems that allow fraud, trends of activities where SARS is defrauded, and to assist in designing controls and solutions to mitigate identified risks and to reports on suspicious and unauthorized activities on the SARS IT Systems.

Education and Experience

Minimum Qualification & Experience Required

Bachelor's Degree / Advanced Diploma (NQF 7) Information Security AND 8-10 years' experience in an Information Security Operations, of which 3-4 years at Junior specialist level

OR

Senior Certificate (NQF 4) AND IT Qualification (s) / Certification (s) Information Security, and 8-10 years' experience in an Information Security Operations of which 3-4 years at Junior specialist level, AND additional requirements as specified in the Min Functional requirements.

ALTERNATIVE #

Senior Certificate (NQF 4) AND 15 years' experience in Information Security Operations of which 3-4 years at Junior specialist level AND additional requirements as specified in the Min Functional requirements.

Minimum Functional Requirements

5 or more years' hands‑on experience securing and supporting Microsoft Azure infrastructure in an enterprise environment. Proven experience implementing and operating Azure-native security controls, including Azure Firewall, Network Security Groups (NSGs), private endpoints, DDoS Protection, and secure hybrid connectivity. Practical experience applying Azure governance and access controls, including Azure Policy, role-based access control (RBAC), and standardised landing zone security controls.

Job Outputs:

Process

Design, implement, and maintain secure Azure infrastructure architectures, including virtual networks, segmentation, routing, and hybrid connectivity. Implement and operate Azure infrastructure security controls, including firewalls, network security groups, private endpoints, and DDoS protection. Ensure Azure compute and platform services are securely configured in line with defence‑in‑depth principles. Establish and enforce Azure governance and security guardrails, including policies, RBAC, and standardised landing zone controls. Support the secure onboarding of Azure workloads, subscriptions, and services. Conduct infrastructure security assessments and recommend remediation actions. Provide specialist input into cloud security architecture designs, standards, and technical reviews. Maintain documentation, standards, and procedures related to Azure infrastructure security. Analyse and make recommendations about improvements to specialist systems, procedures and associated area's practice. Contribute to the optimum utilisation of org. resources, advising on effective planning and development of area of specialisation resource plans. Develop a single practice area in alignment with operational activity and procedural frameworks and ensure tactical implementation. Draw on own technical or professional expertise, knowledge & experience to identify & recommend tactical solutions to defined problems in practices. Integrate business information, compare, analyse and produce reports to identify trends, discrepancies and inconsistencies for decision making purposes. Optimise goal achievement through tactical strategy implementation and optimisation of practises, processes and systems across an internal value chain. Plan for value-added, continuous practice and system improvements to deliver on objectives to enhance tactical implementation and excellence. Proactively identify interconnected problems, determine its impact and use to develop best fit alternatives; best practice implementation solutions. Recommend changes to optimise processes, systems, practice areas and associated procedures and execute the implementation of change and innovation. Translate top-down policy, apply modification in relation to own practice area and communicate impact to relevant stakeholders. Develop technical strategic and/or process and/or mitigation measures to security, application and system vulnerabilities across IT landscape. Design and develop reports that will provide visibility to line managers in order to manage any risks within their respective areas relating to fraud, prevention of fraud and access to information. Measure impact of controls against Policies, Processes and Guidelines of SARS, as well as relevant legislation.

Governance

Develop and/or align governance and compliance policies for own practice area to identify and manage risk exposure liability.

People

Integrate new knowledge and transfer skills attained through formal and informal learning opportunities in the execution of your job. Provide specialist know-how, support, advice and practice thought leadership in area of expertise.

Finance

Implement and monitor financial control, management of costs and corporate governance in area of specialisation.

Client

Develop & ensure implementation of a practice that builds service delivery excellence & encourage others to provide exceptional stakeholder service. Participate in the specialist practice community and contribute positively to organisation knowledge management. Provide authoritative, specialist expertise and advice to internal and external stakeholders.

Behavioural competencies

Accountability Analytical Thinking Attention to Detail Commitment to Continuous Learning Conceptual Ability Expertise in Context Fairness and Transparency Honesty and Integrity Respect Trust

Technical competencies

Business IT Systems Business Knowledge Data Collection and Analysis Efficiency improvement Functional Policies and Procedures Business IT Systems IT Knowledge IT Network and Securities IT Strategy and Planning Reporting System Thinking Knowledge of IT Governance and Business Efficiency improvement

Deadline:19th April, 2026