Senior Information Security Engineer

Senior Information Security Engineer (JB5835)

Location: Midrand, Johannesburg, Gauteng

Salary: R1 200 000 per annum

Employment Type: Permanent

Our client is an established, South Africa–based financial services organisation operating within a regulated, enterprise-scale environment. The business offers investment, insurance, and wealth-related services, supporting a large national client base through secure, high-availability digital platforms. Technology is central to the organisation’s operations, with IT teams responsible for maintaining and enhancing business-critical systems, data integrity, and information security. The environment is stable, professionally managed, and suited to experienced IT professionals who value structure, accountability, and working on systems with long-term operational impact rather than short-term or experimental projects.

The role is responsible for designing, implementing, and optimising advanced security architectures across hybrid infrastructure, applications, and cloud platforms. The position also plays a key role in security operations leadership, incident response, vulnerability management, compliance, and executive-level reporting.

The ideal candidate is a senior-level security engineer with extensive experience in enterprise information security environments. They have strong technical depth across security architecture, operations, and incident response, and are capable of operating as a technical authority within a regulated financial services context. The role suits someone who can mentor junior engineers, engage with senior stakeholders, and contribute to the organisation’s overall security strategy.

• Diploma or Bachelor’s degree in IT, Computer Science, or a related field
• Senior-level security certification, such as CISSP or CISM, or equivalent
• Microsoft security certifications, including Cybersecurity Architect Expert or SC-series certifications
• 7+ years’ experience in cybersecurity or security engineering roles
• At least 3 years’ experience in a senior or lead security role
• Expert-level knowledge of SIEM, EDR, firewalls, DLP, and vulnerability management platforms
• Hands-on experience configuring enterprise firewalls and Web Application Firewall solutions
• Strong experience in identity governance, privileged access management, and zero-trust architecture
• Advanced understanding of cloud security, specifically Azure and Microsoft 365
• Scripting and automation experience using PowerShell and/or Python
• Experience designing and implementing information security awareness programmes

• Lead the design and implementation of security controls across on-premises, cloud, and SaaS environments.
• Define security architecture standards and review new technology integrations for compliance.
• Champion secure development lifecycle practices and perform application security assessments.
• Configure, manage, and report on enterprise firewall and Web Application Firewall solutions.
• Oversee and optimise security operations tools, including SIEM, EDR, DLP, and vulnerability management platforms.
• Develop operational playbooks and mentor junior security engineers.
• Collaborate with outsourced SOC teams, including SLA and performance management.
• Lead major security incidents, forensic investigations, and root cause analysis.
• Act as an escalation point for critical security events and coordinate cross-functional response.
• Define vulnerability and patch management strategies and report on remediation progress.
• Architect and enforce identity and access management using Microsoft Entra ID.
• Develop and deliver information security awareness initiatives across the organisation.
• Ensure alignment with ISO 27001, NIST CSF, CIS benchmarks, and regulatory requirements, including POPIA, GDPR, and FSCA.
• Deliver security metrics, dashboards, and executive-level reports to leadership.

Please do not apply using scanned CVs; no supporting documentation is required at this point. This will be requested later.

Kontak Recruitment Disclaimer:

Equal opportunity: All backgrounds are welcome, with no bias. All are considered based on requirements.

Job specifics: Requirements mirror advertisement, duties may adjust for client needs.

Fair process: Fair assessment, only shortlisted candidates contacted due to volume.

Privacy: Data processed as per Privacy Policy. By applying, you agree to data handling. We safeguard applicant info.

Candidate verification: Candidates selected by the client are verified. False info may disqualify or end employment with the client.

Offer clarity: The Advert is not a binding offer. Written offers based on pre-employment conditions.

No direct link: Advert is not tied to Kontak Recruitment. We assist in the employment process ONLY.

Applicant Responsibility: Upon applying, confirmation of receipt for a specific advert is given. If no confirmation is received, you must verify with Kontak Recruitment.