About the position
We are seeking a passionate and qualified Information Security Engineer to join a dynamic team focused on enhancing client services. The role is responsible for protecting the organization's critical data, systems, and networks from cyber threats while ensuring alignment with industry standards and compliance requirements.
Key Responsibilities:
- Analyze, research, and report potential threats, vulnerabilities, and weaknesses across IT systems, applications, and networks.
- Perform risk assessments and manage vulnerabilities; recommend and implement mitigation strategies.
- Implement and maintain best practices in line with information security standards (ISO 27001, NIST CSF, PCI-DSS, POPIA).
- Support employees with cybersecurity, software, and hardware requirements, ensuring security best practices.
- Investigate, contain, and resolve security incidents; perform post-incident reviews and root cause analysis.
- Monitor network environments and liaise with service providers to meet security SLAs.
- Administer, configure, troubleshoot, and maintain IT security systems, including firewalls and endpoint protection.
- Develop and maintain SOC/SIEM detection rules, dashboards, and incident playbooks.
- Ensure business operations comply with information security policies and procedures; support audits.
- Maintain security documentation, including incident reports, configuration baselines, and risk registers.
- Automate repetitive security tasks through scripting.
- Stay up-to-date with emerging threats and security technologies, recommending improvements proactively.
Qualifications & Requirements:
- Grade 12 (Matric)
- National Certificate or Bachelor's degree in Information Technology, Computer Science, or equivalent experience
- Professional certifications desirable: CompTIA A+, Network+, Security+, Certified Ethical Hacker (CEH)
- Strong understanding of security concepts and controls across network, application, cloud, and endpoint environments
- Excellent communication skills to translate technical risks to business impact
- Critical thinking, problem-solving, and ability to manage multiple security projects
- Knowledge of security frameworks and compliance standards (ISO 27001, NIST, PCI-DSS, POPIA)
- Experience with SOC and SIEM solutions, incident detection and response, and security automation
- Familiarity with scripting languages (Python, PowerShell, Bash) for task automation
- Passion for staying current with cybersecurity trends and threat landscapes
Experience:
- Minimum 5 years in information and cybersecurity roles
- Hands-on experience with networks, firewalls, VPNs, and network troubleshooting
- Security experience with endpoint protection, email protection, Office 365, Azure, AWS, and cloud solutions
- Exposure to antivirus, content filtering, authentication, intrusion detection/prevention, and layered security controls
- Proficiency with Windows Server, Windows Desktop, and Linux operating systems
- Experience implementing and enforcing information security governance and policies
- Familiarity with Kali Linux, penetration testing, and vulnerability scanning tools
- Proven ability to analyze complex problems and deliver solutions
Desired Skills:
