Principal Engineer Security

The Securelytics Principal Engineer will report to the Securelytics Business Unit Manager and work closely with the Securelytics Team.

The job function is split between two areas:

• Solutions Architect for Security – perform a pre‑sales function to design, architect and scope security services and solutions. This involves a detailed understanding of the Securelytics offering to market and service catalogue.
• Delivery – Work with the Securelytics team to deliver projects and services to customers. Act as a senior escalation to the team to assist with incidents and requests.

Work with the team to enhance the company’s security offering, ensuring proactive threat management, effective incident response, and continuous improvement of cybersecurity defences for the company and the company’s Customers. This role requires strong leadership, technical expertise, and collaboration with internal teams and external stakeholders to maintain a robust security posture. This role demands expertise driving cutting‑edge security technology and operations platforms from Microsoft, Fortinet and Sophos.

• Provide technical guidance support and serve as an escalation point for complex security issues.
• Assist with recruitment, onboarding, and training of security personnel.
• Implement Information Security solutions as needed.
• Implement formal monthly reporting for services delivered.
• Support the team in the following areas:
  • Security Operations
  • Threat Detection & Incident Response
  • Threat Hunting & Vulnerability Management
  • Prevention and Risk Management
  • Risk identification and mitigation
• Provide detailed designs, architectures, bills of materials, high‑level project plans, scope of works, deliverables for proposals and projects.
• Present to customers and complete demonstrations, proof of concept tests and assessments.
• Provide input into contracts for delivery of services.
• Work closely with IT, Security, and Risk Management teams to enhance security strategies.
• Provide regular security reports to stakeholders, detailing progress and risk mitigation efforts.
• Collaborate with project managers, service delivery teams, and sales teams on security‑related initiatives.
• Maintain effective communication via company collaboration tools (Teams, CRM, Service Desk).
• Stay updated with the latest security threats, technologies, and best practices.
• Define and implement standard operating procedures (SOPs).
• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.
• Research and recommend innovative security solutions to enhance organisational resilience.
• Provide a quality assurance service to check all outputs of the Security Operations team.
• Maintain a strong leadership presence, working in the office at least three days per week.
• Help identify and drive key performance metrics for the department.
• Achieve and track own billable work hours, CRM tasks and project milestones.
• Help the team to achieve their billable workable hour targets.
• Achieve an employee satisfaction score and staff retention: receive feedback in the upper quartile from the Securelytics team.
• Ensure all work completed is aligned with achieving specific deliverables as outlined in project plans or service level agreements.
• Ensure prompt response to requests, security incidents and escalations.
• Keep security documentation and reports up to date.
• Foster a continuous improvement mindset and actively develop leadership skills.
• Drive accountability, ensuring all tasks and security measures are executed effectively.
• Maintain high levels of customer satisfaction and retention.
• Ensure all risks are highlighted and communicated.
• Commit to continual professional development.

• Delivery – 50% Time Allocation – Yes – Billable Hours 80
• Solution Development and Pre‑sales – 38% Time Allocation – No – Billable Hours 60
• Stakeholder Collaboration and Communication – 13% Time Allocation – No – Billable Hours 20
• Continuous Improvement and Compliance – 0% Time Allocation – No – Billable Hours 0
• Total – 100% Time Allocation – 160 Billable Hours

• Minimum of 15 years of experience in Information Technology and 10 years in Cybersecurity.
• Proven experience in progressively responsible technical roles, including leadership positions.
• Strong technical and analytical skills.
• Excellent problem‑solving and critical‑thinking skills.
• Excellent communication and interpersonal skills.
• Able to work as part of a team and independently.
• Knowledge of best practices and secure design principles.
• Able to work effectively in stressful situations.
• Open minded to personal growth and development.
• A “can do now” mindset.

• Strong expertise in Microsoft security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).
• In‑depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).
• Proven experience in managing complex security incidents and remediation processes.
• Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP, CISM, CompTIA Advanced Security Practitioner (CASP+) or equivalent.
• Familiarity with regulatory frameworks and compliance standards like Popia, PCI‑DSS, GDPR, ISO 27001, CIS and NIST.
• Strong communication skills for reporting to executives and educating stakeholders on security risks.

These responsibilities are not exhaustive. In this dynamic role as a Principal Engineer, you may be required to perform ad‑hoc tasks and adapt to evolving challenges as they arise, ensuring that our clients receive the best possible service and solutions tailored to their unique needs. Your versatility and readiness to address diverse demands are integral to achieving success in this role.