Job Description

:
An opportunity exists for a Senior Information Security Engineer to work within a growing financial
services organisation, supporting both on-premises and cloud-based environments.
Key Responsibilities
Security Architecture & Engineering

• Lead the design and implementation of advanced security controls across on-prem, cloud, and SaaS environments (Azure, Microsoft 365).
• Define security architecture standards and review new technology integrations for compliance.
• Champion secure development lifecycle practices and perform advanced application security assessments.
• Configure and maintain enterprise firewalls to ensure optimal security and performance.
• Implement and manage Web Application Firewall (WAF) solutions to protect against application-layer attacks.

Security Operations Leadership

• Oversee, configure and optimize security tools (Firewalls, Webservers, SIEM, EDR, DLP, vulnerability management platforms).
• Develop automation strategies for threat detection and response, integrating with ITSM platforms
• Establish operational playbooks and mentor team members on best practices.
• Collaborate with outsourced SOC teams to ensure effective monitoring and incident escalation.
• Integrate SOC services into the company's security operations framework for seamless threat detection and response.
• Manage SLAs and performance metrics for outsourced SOC providers.

Incident Response & Threat Management

• Lead major incident investigations, forensic analysis, and root cause determination.
• Act as escalation point for critical security events and coordinate cross-functional response.
• Drive proactive threat hunting and advanced analytics initiatives.

Vulnerability & Patch Management

• Define vulnerability management strategy and ensure timely remediation of critical risks.
• Provide executive-level reporting on risk exposure and remediation progress.

Identity & Access Management

• Architect and enforce enterprise-level identity governance using Microsoft Entra ID (Azure AD).
• Implement advanced privileged access management and zero-trust principles.

Information Security Awareness

• Develop and deliver security awareness programs to educate employees on cybersecurity best practices.
• Create engaging content and campaigns to promote a culture of security across the organization.
• Measure effectiveness of awareness initiatives and report improvements to leadership.

Compliance & Risk Advisory

• Ensure alignment with ISO 27001, NIST CSF, CIS benchmarks, and regulatory requirements (POPIA, GDPR, FSCA).
• Lead technical audits, penetrations tests, red/blue team exercises and provide authoritative guidance on risk mitigation strategies.

Operational & Executive Reporting

• Deliver strategic security metrics, risk dashboards, and board-level presentations.
• Recommend improvements to security posture based on threat intelligence and trend analysis.
• Implement security posture improvements and report on progress
• Produce detailed reports on firewall and WAF configurations, changes, and performance metrics.

Qualifications & Experience
Education:

• Diploma or Bachelor's degree in IT, Computer Science, or related field.
• CISSP, CISM, or equivalent senior-level certifications.
• Microsoft Certified: Cybersecurity Architect Expert or SC-series certifications.

Experience:

• 7+ years in cybersecurity or security engineering roles, with at least 3 years in a senior or lead capacity.
• Expert-level knowledge of SIEM, EDR, firewalls, DLP, and vulnerability management platforms.
• Hands-on experience in firewall configuration, WAF deployment, and generating detailed security reports.
• Experience in designing and implementing information security awareness programs.
• Advanced understanding of identity governance, zero-trust architecture, and cloud security (Azure, Microsoft 365).
• Strong experience with scripting and automation (PowerShell, Python).
• Proven track record in leading incident response and security architecture projects.

Preferred:

• Experience with Hillstone security technologies, NGINX, Microsoft Intune, Microsoft Purview, and various SIEM solutions

Skills & Competencies

• Strong organizational and documentation skills.
• Ability to mentor and develop junior engineers.
• Excellent communication and customer service orientation.
• Excellent communication skills for executive and technical audiences.
• Ability to analyze data and identify trends.
• Proficiency in ITSM tools and Microsoft Office Suite.
• Ability to manage multiple priorities in a fast-paced environment.
• Troubleshooting and strong resolution skills
• Highly ethical, resilient, and committed to continuous improvement.
• Achievement / Results orientated
• Team Player
• Motivated and positive attitude

Skills Required