Cyber Security Engineer Level 1

ICG Medical

Wes-Kaap

On-site

ZAR 300,000 - 400,000

Full time

2 days ago

Job summary

A leading global healthcare recruiter is seeking a motivated Cybersecurity Engineer (Level 1) in Tygervalley, Cape Town. The role focuses on monitoring and improving security in a Microsoft environment, responding to incidents, and supporting IT operations. Ideal candidates will have 1–2 years of experience in security operations, with knowledge of Microsoft Defender, Intune, and security best practices.

Qualifications

  • 1–2 years of experience in IT support, security operations, or infrastructure security.
  • Working knowledge of Microsoft Defender and Intune.
  • Basic understanding of TCP/IP and firewalls.

Responsibilities

  • Monitor alerts from Microsoft Defender and respond to incidents.
  • Administer Intune-based device compliance policies.
  • Perform security investigations and threat analysis.

Skills

Microsoft Defender
Microsoft Intune
Microsoft Entra ID
Azure Security Center
TCP/IP knowledge
Documentation skills
Proactive mindset

Job description

Job Title: Cybersecurity Engineer – Level 1

Location: Tygervalley, Cape Town

About ICG Medical:

ICG Medical is a leading global healthcare recruiter with a focus on nurses (all specialities), midwives and home care/healthcare workers. Our company vision is to improve patient care. The DNA makeup of our business stems from our core values: Open, Family and Passion. The business is made up of three recognised healthcare recruitment brands: Greenstaff Medical, Clinical24 and Cromwell Medical. Each delivers tailored solutions for our candidates and clients from our offices in the UK, Ireland, India, South Africa, China, Philippines, Australia, Canada and the USA, with more office openings on the horizon.

Role Summary:

We are seeking a motivated and detail-oriented Cybersecurity Engineer (Level 1) to support our information security operations. This role will focus on monitoring, maintaining, and improving the security posture of our Microsoft-based environment, including Microsoft Defender, Intune, Entra (Azure AD), Azure security services, endpoint protection, and firewalls.

Key Responsibilities:

  • Monitor alerts from Microsoft Defender for Endpoint and respond to incidents in accordance with playbooks.
  • Administer and support Intune-based device compliance and configuration policies.
  • Review and enforce Conditional Access and Identity Protection policies via Microsoft Entra.
  • Perform security investigations and threat analysis on endpoints and users.
  • Execute regular vulnerability scans and participate in patch validation cycles.
  • Assist with firewall rules, endpoint configuration, and network segmentation reviews.
  • Maintain documentation of incidents, system configurations, and operational procedures.
  • Support onboarding/offboarding from a security perspective (user access, device trust, MFA).
  • Work with the IT team to implement secure configurations in Azure and Microsoft 365.
  • Participate in tabletop exercises, DR simulations, and routine incident response drills.
  • Monitor compliance with internal policies and external frameworks (e.g., ISO 27001, NIST CSF).

Qualifications:

  • 1–2 years of experience in IT support, security operations, or infrastructure security.

Working knowledge of:

  • Microsoft Defender (AV and for Endpoint)
  • Microsoft Intune (Endpoint Manager)
  • Microsoft Entra ID (Azure AD)
  • Azure Security Center / Microsoft Sentinel (basic familiarity)
  • Understanding of endpoint security, user access control, MFA, and identity lifecycle.
  • Basic understanding of TCP/IP, ports, protocols, and firewalls.
  • Comfortable with Windows-based systems, Active Directory, and Office 365 environments.
  • Strong documentation and communication skills.
  • Proactive mindset with a willingness to learn and adapt.

Microsoft certifications (any of the following):

  • SC-200 (Security Operations Analyst)
  • MS-500 (Microsoft 365 Security Administration)
  • AZ-500 (Azure Security Engineer Associate)
  • Hands-on experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk).
  • Experience working in a regulated environment (healthcare, finance, etc.).