About the position
ENVIRONMENT:
ACT as the technical specialist across the Security portfolio of a dynamic IT Solutions Provider seeking the expertise of a Mid Cybersecurity Engineer. You will design, deploy, support, and optimize solutions to secure enterprise environments to the highest standards. The position is heavily hands-on, with a strong emphasis on solution architecture, advanced deployments, integrations, troubleshooting, and L3/L4 escalation support. You will be involved in complex implementations, execute advanced Proof of Concepts (POCs), and provide expert-level technical enablement, while also delivering internal and external training and representing the organisation in technical engagements and forums. Applicants will require a Bachelor’s Degree in Computer Science, Cybersecurity, or a related field with 5-8 years of hands-on experience in Cybersecurity, including Endpoint Security (EPP, EDR/XDR), Security Operations and threat detection, Windows, macOS, Linux, TCP/IP, DNS, AWS, Azure & GCP.
DUTIES:
Solution Architecture & Engineering –
- Design and implement scalable security architectures across enterprise environments (1,000+ endpoints, multi-site).
- Deploy and optimize solutions across:
  - Endpoint Protection (EPP)
  - EDR/XDR
  - Data Loss Prevention (DLP)
  - Endpoint Encryption
  - Mobile Device Management (MDM)
  - Mail Security
  - Vulnerability and Patch Management
- Ensure high availability, performance optimisation, and security best practices.
Advanced Deployment & Operations –
- Lead end-to-end deployment and configuration of solutions.
- Manage large-scale rollouts with minimal disruption to business operations.
- Perform continuous optimisation and tuning of security policies and detection mechanisms.
Escalation Support (L3/L4) –
- Provide Tier 3 and Tier 4 technical support for complex issues.
- Conduct deep troubleshooting, root cause analysis, and remediation.
- Collaborate with vendor support teams for critical escalations.
- Produce detailed technical reports and resolution documentation.
Integration & Automation –
- Integrate solutions with:
  - SIEM/SOAR platforms (e.g., Splunk, QRadar, Microsoft Sentinel)
  - Identity systems (Active Directory, Azure AD)
  - Cloud environments (AWS, Azure, GCP)
- Develop automation scripts using PowerShell and/or Python for deployment, monitoring, and reporting.
Threat Detection & Security Operations –
- Support security operations through:
  - Threat detection and analysis
  - Incident investigation and response
  - Threat hunting aligned with the MITRE ATT&CK framework
- Analyse logs, alerts, and endpoint activity to identify and mitigate threats.
Technical Enablement & Training –
- Deliver advanced technical training sessions, webinars, and workshops.
- Develop:
  - Technical documentation
  - Standard Operating Procedures (SOPs)
  - Troubleshooting guides
- Provide hands-on enablement for internal teams, partners, and customers.
Stakeholder Engagement & Technical Leadership –
- Collaborate with IT teams, security teams, and leadership to:
  - Validate deployments
  - Improve security posture
  - Recommend policy enhancements
- Present technical findings to both technical and non-technical audiences.
- Represent the organisation in technical discussions, webinars, and industry forums.
REQUIREMENTS:
Qualifications –
- Bachelor’s Degree in Computer Science, Cybersecurity, or a related field.
Experience/Skills –
- 5-8+ years of hands-on experience in Cybersecurity
- Strong expertise in:
  - Endpoint Security (EPP, EDR/XDR)
  - Security Operations and threat detection
- Proven experience in:
  - Large-scale enterprise deployments (1,000+ endpoints)
  - Advanced troubleshooting and debugging
  - Tier 3 support environments
- Strong technical knowledge of:
  - Windows, macOS, and Linux operating systems (Must Have)
  - Networking fundamentals (TCP/IP, DNS, firewalls)
  - Cloud platforms (AWS, Azure, GCP)
  - Microsoft 365 and/or Google Workspace environments
- Experience with:
  - SIEM/SOAR integrations
  - Vulnerability and patch management solutions
  - Compliance frameworks (GDPR, ISO 27001, SOC 2, NIST CSF, POPIA)
- Strong scripting and automation skills (PowerShell, Python, or Bash).
Preferred Experience:
- Experience working with Cybersecurity vendors or distributors.
- Background in:
  - Incident response
  - Threat hunting
  - Security operations (SOC environments)
Highly Desirable:
- CompTIA Security+, CySA+
- CISSP, CEH, CHFI
- Network Certifications (e.g., CCNA, Network+)
- IT Service Management Certification (e.g., ITIL)
- Vendor Certifications in EDR/XDR platforms
- Linux Certification
Desired Skills:
- Cyber Security
- DNS
- Endpoint Detection & Response
- Linux
- TCP/IP
- Windows
About The Employer:
A dynamic IT Solutions Provider