Senior IT Security Engineer

We are seeking a Senior Information Security Engineer to design, implement, and lead advanced security solutions across hybrid on-prem and cloud environments (Azure, Microsoft 365).

• Design and implement advanced security controls across on-prem, cloud, and SaaS environments (Azure, Microsoft 365).
• Define and enforce security architecture standards.
• Lead secure SDLC initiatives and application security assessments.
• Configure and maintain enterprise firewalls and Web Application Firewalls (WAF).

• Oversee and optimize security platforms (Firewalls, SIEM, EDR, DLP, Vulnerability Management).
• Develop automation for threat detection and response integrated with ITSM tools.
• Define operational playbooks and mentor junior engineers.
• Manage and govern outsourced SOC services, SLAs, and performance metrics.

• Lead major incident investigations, forensic analysis, and root cause analysis.
• Act as escalation point for critical security incidents.
• Drive proactive threat hunting initiatives.

• Define vulnerability management strategy.
• Ensure timely remediation of critical risks.
• Deliver executive-level risk and remediation reporting.

• Architect enterprise identity governance using Microsoft Entra ID (Azure AD).
• Implement privileged access management and Zero Trust principles.

• Design and deliver enterprise-wide security awareness programs.
• Measure effectiveness and report outcomes to leadership.

• Ensure alignment with ISO 27001, NIST CSF, CIS Benchmarks, POPIA, GDPR, FSCA.
• Lead technical audits, penetration tests, and red/blue team exercises.

• Deliver security dashboards, metrics, and board-level reporting.
• Recommend and track continuous security posture improvements.
• Produce detailed firewall and WAF configuration and performance reports.

• Diploma or Bachelor's Degree in IT, Computer Science, or related field.
• CISSP, CISM, or equivalent senior-level certification.
• Microsoft Cybersecurity Architect Expert or SC-series certification.