SUMMARY:
Security Engineers should bring innovative ideas and solutions to L3 teams and management
POSITION INFO:
JOB PURPOSE STATEMENT
The Security Engineer is responsible for ensuring robust cybersecurity operations, proactive threat detection, and effective risk management. This role involves collaborating with IT and security teams, conducting vulnerability assessments, and implementing security best practices to protect organizational assets.
Security Engineers should bring innovative ideas and solutions to L3 teams and management, contributing to continuous improvement in security operations. The Security Engineer takes ownership of security tasks and escalations, delivering solutions efficiently and timeously to minimize risk and enhance protection.
This role demands knowledge of driving cutting-edge security technology and operations platforms from Microsoft, Fortinet and Sophos.
Duties:
Stakeholder Collaboration and Communication
• Work closely with IT and Security teams to enhance security.
• Maintain clear communication via collaboration tools. (Teams, CRM, Service Desk).
• Timeously respond to external stakeholders and maintain a quick response and updates to external and internal stakeholders
Continuous Improvement & Compliance
• Stay updated with the latest security threats, technologies, and best practices.
• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.
• Research and recommend innovative security solutions to enhance organizational resilience.
Security Operations, Threat Detection & Incident Response
• Real-time threat monitoring, detection, and response operations.
• Ensure security operations align with industry best practices and compliance standards.
• Conduct incident response efforts, from detection to resolution.
• Maintain up-to-date documentation for internal security measures and client security operations.
• Conduct security assessments, including M365 tenant evaluations and network reviews.
• Manage Security Posture management for customers as per contractual requirements
Threat Hunting & Vulnerability Management
• Proactively identify and mitigate cybersecurity threats before they escalate.
• Analyse network traffic, endpoint activity, and security logs to detect advanced threats.
• Manage vulnerability assessments and ensure timely remediation of security weaknesses.
• Utilize industry-leading SOC SaaS platforms (e.g., Microsoft Defender, Fortinet, Sophos) to strengthen security defences.
• Provision of remediation assistance
Prevention and Risk Management
• Design and implement proactive security measures to prevent cyber threats.
• Manage identity and access controls, email protection, data security, and endpoint security.
• Conduct IT risk assessments and recommend mitigation strategies.
• Ensure proper security configurations across operating systems, networks, and applications
Key Performance Expectations
• Working in the office at least three days per week.
• Achieve and track own billable work hours, CRM tasks and project milestones.
• Begin with the end in mind. Ensure all work completed is aligned with achieving specific deliverables as outlined in project plans or service level agreements
• Ensure prompt response to requests, security incidents and escalations.
• Keep security documentation and reports up to date.
• Drive own accountability, ensuring all tasks and security measures are executed effectively.
• High levels of customer satisfaction and retention
• Ensure all risks are highlighted and communicated
• Comitment to continual professional development
PREFERRED SKILLS
- Strong expertise in Microsoft security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).
- In-depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).
- Proven experience in managing complex security incidents and remediation processes.
- Certifications such as CompTIA Cybersecurity Analyst (CySA+) , Certified SOC Analyst (C|SA), Comptia Security +, or Microsoft Security Certifications
- Basic understanding and practice related regulatory frameworks and compliance standards like Popia, PCI-DSS, GDPR, ISO 27001, CIS and NIST.
- Strong communication skills for reporting to executives and educating stakeholders on security risks.
These responsibilities are not exhaustive. In this dynamic role as a Mid-Tier Security Engineer, you may be required to perform ad-hoc tasks and adapt to evolving challenges as they arise, ensuring that our clients receive the best possible service and solutions tailored to their unique needs. Your versatility and readiness to address diverse demands are integral to achieving success in this role.
