IT Cybersecurity Engineer (DBN Hybrid)

A cutting-edge Tech company in Durban seeks the technical expertise of a highly skilled IT Cybersecurity Engineer to join its team. Your core role will be to enhance the security offering, ensuring proactive threat management, effective incident response, and continuous improvement of Cybersecurity defences for the business and its customers. This role requires strong leadership and collaboration with internal teams and external stakeholders to maintain a robust security posture. You will also need Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP or equivalent with 15 years of experience in Information Technology and 10 years in Cybersecurity and operations platforms from Microsoft, Fortinet and Sophos.

Delivery -

• Provide technical guidance support and serve as an escalation point for complex security issues.
• Assist with recruitment, onboarding, and training of security personnel.
• Implement Information Security solutions as needed.
• Implement formal monthly reporting for services delivered.
• Support the team in the following:
• Security Operations, Threat Detection & Incident Response
• Threat Hunting & Vulnerability Management
• Prevention and Risk Management
• Risk identification and mitigation

Solution Development and Pre-sales -

• Provide detailed designs, architectures, bills of materials, high level project plans, scope of works, deliverables for proposals and projects.
• Present to customers and complete demonstrations, proof of concept tests and assessments.
• Provide input into contracts for delivery of services.

Stakeholder collaboration and communication -

• Work closely with IT, Security, and Risk Management teams to enhance security strategies.
• Provide regular security reports to stakeholders, detailing progress and risk mitigation efforts.
• Collaborate with Project Managers, Service Delivery teams, and Sales teams on security-related initiatives.
• Maintain effective communication via company collaboration tools (Teams, CRM, Service Desk).

Continuous Improvement & Compliance –

• Stay updated with the latest security threats, technologies, and best practices.
• Define and implement standard operating procedures (SOPs).
• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.
• Research and recommend innovative security solutions to enhance organisational resilience.
• Provide a quality assurance service to check all outputs of the Security Operations team.

Key Performance expectations –

• Maintain a strong leadership presence, working in the office at least three days per week.
• Help to identify and drive key performance metrics for the department.
• Achieve and track own billable work hours, CRM tasks and project milestones.
• Help the team to achieve their billable workable hour targets.
• Employee Satisfaction Score and staff retention: receive feedback in the upper quartile from the team.
• Begin with the end in mind. Ensure all work completed is aligned with achieving specific deliverables as outlined in project plans or service level agreements.
• Ensure prompt response to requests, security incidents and escalations.
• Keep security documentation and reports up to date.
• Foster a continuous improvement mindset and actively develop leadership skills.
• Drive accountability, ensuring all tasks and security measures are executed effectively.
• High levels of customer satisfaction and retention.
• Ensure all risks are highlighted and communicated.
• Commitment to continual professional development.

Qualifications – Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP, CISM, CompTIA Advanced Security Practitioner (CASP+) or equivalent.

Expertise/Skills –

• Minimum of 15 years of experience in Information Technology and 10 years in Cybersecurity.
• Proven experience in progressively responsible technical roles, including leadership positions.
• Strong expertise in Microsoft Security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).
• In-depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).
• Proven experience in managing complex security incidents and remediation processes.
• Familiarity with regulatory frameworks and compliance standards like POPIA, PCI-DSS, GDPR, ISO 27001, CIS and NIST.
• Strong communication skills for reporting to executives and educating stakeholders on security risks.