Principal Engineer – IT Cyber Security

JOB PURPOSE STATEMENT

The Securelytics Principal Engineer will report to the Securelytics Business Unit Manager and work closely with the Securelytics Team. The job function is split between two areas:

• Solutions Architect for Security – perform a pre-sales function to design, architect and scope security services and solutions. This involves a detailed understanding of the Securelytics offering to the market and service catalogue.
• Delivery – Work with the Securelytics team to deliver projects and services to customers. Act as a senior escalation to the team to assist with incidents and requests.

Work with the team to enhance BCT’s security offering, ensuring proactive threat management, effective incident response, and continuous improvement of cybersecurity defences for BC Technologies and its customers. This role requires strong leadership, technical expertise, and collaboration with internal teams and external stakeholders to maintain a robust security posture. This role demands expertise in driving cutting-edge security technology and operations platforms from Microsoft, Fortinet and Sophos.

DUTIES & RESPONSIBILITIES

Delivery

• Provide technical guidance support and serve as an escalation point for complex security issues.
• Assist with recruitment, onboarding, and training of security personnel.
• Implement Information Security solutions as needed.
• Implement formal monthly reporting for services delivered.
• Support the team in the following:
• Security Operations, Threat Detection & Incident Response
• Threat Hunting & Vulnerability Management
• Prevention and Risk Management
• Risk identification and mitigation

Solution Development and Pre-sales

• Provide detailed designs, architectures, bills of materials, high level project plans, scope of works, deliverables for proposals and projects
• Present to customers and complete demonstations, proof of concept tests and assessments
• Provide input into contracts for delivery of services

Stakeholder Collaboration and communication

• Work closely with IT, Security, and Risk Management teams to enhance security strategies.
• Provide regular security reports to stakeholders, detailing progress and risk mitigation efforts.
• Collaborate with project managers, service delivery teams, and sales teams on security-related initiatives.
• Maintain effective communication via company collaboration tools (Teams, CRM, Service Desk).

Continuous Improvement & Compliance

• Stay updated with the latest security threats, technologies, and best practices.
• Define and Implement standard operating procedures (SOPs).
• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.
• Research and recommend innovative security solutions to enhance organisational resilience.
• Provide a quality assurance service to check all outputs of the Security Operations team

Key Performance expectations

• Maintain a strong leadership presence, working in the office at least three days per week.
• Help to Identify and drive key performance metrics for the department
• Achieve and track own billable work hours, CRM tasks and project milestones.
• Help the team to achieve their billable workable hour targets
• Employee Satisfaction Score and staff retention: receive feedback in the upper quartile from the Securelytics team
• Begin with the end in mind. Ensure all work completed is aligned with achieving specific deliverables as outlined in project plans or service level agreements
• Ensure prompt response to requests, security incidents and escalations.
• Keep security documentation and reports up to date.
• Foster a continuous improvement mindset and actively develop leadership skills.
• Drive accountability, ensuring all tasks and security measures are executed effectively.
• High levels of customer satisfaction and retention
• Ensure all risks are highlighted and comminicated
• Comitment to continual professional development
  

JOB REQUIREMENTS

• Minimum of 15 years of experience in Information Technology and 10 years in Cybersecurity
• Proven experience in progressively responsible technical roles, including leadership positions
• Strong expertise in Microsoft security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).
• In-depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).
• Proven experience in managing complex security incidents and remediation processes.
• Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP, CISM, CompTIA Advanced Security Practitioner (CASP+) or equivalent
• Familiarity with regulatory frameworks and compliance standards like Popia, PCI-DSS, GDPR, ISO 27001, CIS and NIST.
• Strong communication skills for reporting to executives and educating stakeholders on security risks.

These responsibilities are not exhaustive.