Security jobs in South Africa

The Senior Information Security Engineer is a strategic technical leader responsible for designing, implementing, and optimizing advanced security architectures across the company’s hybrid infrastructure, applications, and cloud environments. This role drives security engineering initiatives, mentors junior engineers, leads complex incident response efforts, and ensures compliance with global standards and regulatory requirements. The senior engineer collaborates with IT leadership, risk, and compliance teams to strengthen the company’s security posture and influence enterprise security strategy.

An opportunity exists for a Senior Information Security Engineer to work within a growing financial services organisation, supporting both on‑premises and cloud‑based environments.

• Lead the design and implementation of advanced security controls across on‑prem, cloud, and SaaS environments (Azure, Microsoft 365).
• Define security architecture standards and review new technology integrations for compliance.
• Champion secure development lifecycle practices and perform advanced application security assessments.
• Configure and maintain enterprise firewalls to ensure optimal security and performance.
• Implement and manage Web Application Firewall (WAF) solutions to protect against application‑layer attacks.

• Oversee, configure and optimize security tools (Firewalls, Webservers, SIEM, EDR, DLP, vulnerability management platforms).
• Develop automation strategies for threat detection and response, integrating with ITSM platforms.
• Establish operational playbooks and mentor team members on best practices.
• Collaborate with outsourced SOC teams to ensure effective monitoring and incident escalation.
• Integrate SOC services into the company’s security operations framework for seamless threat detection and response.
• Manage SLAs and performance metrics for outsourced SOC providers.

• Lead major incident investigations, forensic analysis, and root cause determination.
• Act as escalation point for critical security events and coordinate cross‑functional response.
• Drive proactive threat hunting and advanced analytics initiatives.

• Define vulnerability management strategy and ensure timely remediation of critical risks.
• Provide executive‑level reporting on risk exposure and remediation progress.

• Architect and enforce enterprise‑level identity governance using Microsoft Entra ID (Azure AD).
• Implement advanced privileged access management and zero‑trust principles.

• Develop and deliver security awareness programs to educate employees on cybersecurity best practices.
• Create engaging content and campaigns to promote a culture of security across the organization.
• Measure effectiveness of awareness initiatives and report improvements to leadership.

• Ensure alignment with ISO 27001, NIST CSF, CIS benchmarks, and regulatory requirements (POPIA, GDPR, FSCA).
• Lead technical audits, penetration tests, red/blue team exercises and provide authoritative guidance on risk mitigation strategies.

• Deliver strategic security metrics, risk dashboards, and board‑level presentations.
• Recommend improvements to security posture based on threat intelligence and trend analysis.
• Implement security posture improvements and report on progress.
• Produce detailed reports on firewall and WAF configurations, changes, and performance metrics.

• Diploma or Bachelor’s degree in IT, Computer Science, or related field.
• CISSP, CISM, or equivalent senior‑level certifications.
• Microsoft Certified: Cybersecurity Architect Expert or SC‑series certifications.

• 7+ years in cybersecurity or security engineering roles, with at least 3 years in a senior or lead capacity.
• Expert‑level knowledge of SIEM, EDR, firewalls, DLP, and vulnerability management platforms.
• Hands‑on experience in firewall configuration, WAF deployment, and generating detailed security reports.
• Experience in designing and implementing information security awareness programs.
• Advanced understanding of identity governance, zero‑trust architecture, and cloud security (Azure, Microsoft 365).
• Strong experience with scripting and automation (PowerShell, Python).
• Proven track record in leading incident response and security architecture projects.

• Experience with Hillstone security technologies, NGINX, Microsoft Intune, Microsoft Purview, and various SIEM solutions.

• Strong organizational and documentation skills.
• Ability to mentor and develop junior engineers.
• Excellent communication and customer service orientation.
• Excellent communication skills for executive and technical audiences.
• Ability to analyze data and identify trends.
• Proficiency in ITSM tools and Microsoft Office Suite.
• Ability to manage multiple priorities in a fast‑paced environment.
• Troubleshooting and strong resolution skills.
• Highly ethical, resilient, and committed to continuous improvement.
• Achievement / Results orientated.
• Team Player.
• Motivated and positive attitude.