IT Cybersecurity Engineer (DBN Hybrid) (26530) at Datafin Recruitment

ENVIRONMENT:

• A cutting-edge Tech company in Durban seeks the technical expertise of a highly skilled IT Cybersecurity Engineer to join its team.
• Your core role will be to enhance the security offering, ensuring proactive threat management, effective incident response, and continuous improvement of Cybersecurity defences for the business and its customers.
• This role requires strong leadership and collaboration with internal teams and external stakeholders to maintain a robust security posture.
• You will also need Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP or equivalent with 15 years of experience in Information Technology and 10 years in Cybersecurity and operations platforms from Microsoft, Fortinet and Sophos.

DUTIES:

Delivery -

• Provide technical guidance support and serve as an escalation point for complex security issues.
• Assist with recruitment, onboarding, and training of security personnel.
• Implement Information Security solutions as needed.
• Implement formal monthly reporting for services delivered.

Support the team in the following:

• Security Operations, Threat Detection & Incident Response
• Threat Hunting & Vulnerability Management
• Prevention and Risk Management
• Risk identification and mitigation

Solution Development and Pre-sales -

• Provide detailed designs, architectures, bills of materials, high level project plans, scope of works, deliverables for proposals and projects.
• Present to customers and complete demonstrations, proof of concept tests and assessments.
• Provide input into contracts for delivery of services.

Stakeholder collaboration and communication -

• Work closely with IT, Security, and Risk Management teams to enhance security strategies.
• Provide regular security reports to stakeholders, detailing progress and risk mitigation efforts.
• Collaborate with Project Managers, Service Delivery teams, and Sales teams on security-related initiatives.
• Maintain effective communication via company collaboration tools (Teams, CRM, Service Desk).

Continuous Improvement & Compliance –

• Stay updated with the latest security threats, technologies, and best practices.
• Define and implement standard operating procedures (SOPs).
• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.
• Research and recommend innovative security solutions to enhance organisational resilience.
• Provide a quality assurance service to check all outputs of the Security Operations team.

Key Performance expectations –

• Maintain a strong leadership presence, working in the office at least three days per week.
• Help to identify and drive key performance metrics for the department.
• Achieve and track own billable work hours, CRM tasks and project milestones.
• Help the team to achieve their billable workable hour targets.
• Employee Satisfaction Score and staff retention: receive feedback in the upper quartile from the team.
• Begin with the end in mind. Ensure all work completed is aligned with achieving specific deliverables as outlined in project plans or service level agreements.
• Ensure prompt response to requests, security incidents and escalations.
• Keep security documentation and reports up to date.
• Foster a continuous improvement mindset and actively develop leadership skills.
• Drive accountability, ensuring all tasks and security measures are executed effectively.
• High levels of customer satisfaction and retention.
• Ensure all risks are highlighted and communicated.
• Commitment to continual professional development.

REQUIREMENTS:

Qualifications –

• Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP, CISM, CompTIA Advanced Security Practitioner (CASP+) or equivalent.

Expertise/Skills –

• Minimum of 15 years of experience in Information Technology and 10 years in Cybersecurity.
• Proven experience in progressively responsible technical roles, including leadership positions.
• Strong expertise in Microsoft Security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).
• In-depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).
• Proven experience in managing complex security incidents and remediation processes.
• Familiarity with regulatory frameworks and compliance standards like POPIA, PCI-DSS, GDPR, ISO 27001, CIS and NIST.
• Strong communication skills for reporting to executives and educating stakeholders on security risks.