Mid Cybersecurity Engineer (CPT Hybrid) at Datafin Recruitment

ENVIRONMENT:

• ACT as the technical specialist across the Security portfolio of a dynamic IT Solutions Provider seeking the expertise of a Mid Cybersecurity Engineer. You will design, deploy, support, and optimize solutions to secure enterprise environments to the highest standards.
• The position is heavily hands-on, with a strong emphasis on solution architecture, advanced deployments, integrations, troubleshooting, and L3/L4 escalation support.
• You will be involved in complex implementations, execute advanced Proof of Concepts (POCs), and provide expert-level technical enablement, while also delivering internal and external training and representing the organisation in technical engagements and forums.
• Applicants will require a Bachelor’s Degree in Computer Science, Cybersecurity, or a related field with 5-8 years hands-on experience in Cybersecurity including Endpoint Security (EPP, EDR/XDR), Security Operations and threat detection, Windows, macOS, Linux, TCP/IP, DNS, AWS, Azure & GCP.

DUTIES:

Solution Architecture & Engineering –

• Design and implement scalable security architectures across enterprise environments (1,000+ endpoints, multi-site).
• Deploy and optimize solutions across:
• Endpoint Protection (EPP)
• EDR/XDR
• Data Loss Prevention (DLP)
• Endpoint Encryption
• Mobile Device Management (MDM)
• Mail Security
• Vulnerability and Patch Management
• Ensure high availability, performance optimisation, and security best practices.

Advanced Deployment & Operations –

• Lead end-to-end deployment and configuration of solutions.
• Manage large-scale rollouts with minimal disruption to business operations.
• Perform continuous optimisation and tuning of security policies and detection mechanisms.

Escalation Support (L3/L4) –

• Provide Tier 3 and Tier 4 technical support for complex issues.
• Conduct deep troubleshooting, root cause analysis, and remediation.
• Collaborate with vendor support teams for critical escalations.
• Produce detailed technical reports and resolution documentation

Integration & Automation –

• Integrate solutions with:
• SIEM/SOAR platforms (e.g., Splunk, QRadar, Microsoft Sentinel)
• Identity systems (Active Directory, Azure AD)
• Cloud environments (AWS, Azure, GCP)
• Develop automation scripts using PowerShell and/or Python for deployment, monitoring, and reporting.

Threat Detection & Security Operations –

• Support security operations through:
• Threat detection and analysis
• Incident investigation and response
• Threat hunting aligned with the MITRE ATT&CK framework
• Analyse logs, alerts, and endpoint activity to identify and mitigate threats.

Technical Enablement & Training –

• Deliver advanced technical training sessions, webinars, and workshops.
• Develop:
• Technical documentation
• Standard Operating Procedures (SOPs)
• Troubleshooting guides
• Provide hands-on enablement for internal teams, partners, and customers.

Stakeholder Engagement & Technical Leadership –

• Collaborate with IT teams, security teams, and leadership to:
• Validate deployments
• Improve security posture
• Recommend policy enhancements
• Present technical findings to both technical and non-technical audiences.
• Represent the organisation in technical discussions, webinars, and industry forums.

REQUIREMENTS:

Qualifications –

• Bachelor’s Degree in Computer Science, Cybersecurity, or a related field.

Experience/Skills –

• 5 – 8+ Years of hands-on experience in Cybersecurity

Strong expertise in:

• Endpoint Security (EPP, EDR/XDR)
• Security Operations and threat detection

Proven experience in:

• Large-scale enterprise deployments (1000+ endpoints)
• Advanced troubleshooting and debugging
• Tier 3 support environments

Strong technical knowledge of:

• Windows, macOS, and Linux operating systems (Must Have)
• Networking fundamentals (TCP/IP, DNS, firewalls)
• Cloud platforms (AWS, Azure, GCP)
• Microsoft 365 and/or Google Workspace environments

Experience with:

• SIEM/SOAR integrations
• Vulnerability and patch management solutions
• Compliance frameworks (GDPR, ISO 27001, SOC 2, NIST CSF, POPIA)
• Strong scripting and automation skills (PowerShell, Python, or Bash).

Preferred Experience:

• Experience working with Cybersecurity vendors or distributors.
• Background in:
• Incident response
• Threat hunting
• Security operations (SOC environments)

Highly Desirable:

• CompTIA Security+, CySA+
• CISSP, CEH, CHFI
• Network Certifications (e.g., CCNA, Network+)
• IT Service Management Certification (e.g., ITIL)
• Vendor Certifications in EDR/XDR platforms
• Linux Certification