Security Engineer
- Sandton, Johannesburg
- Permanent
- Full-time
Master’s degree or postgraduate diploma in Cybersecurity is advantageous.
Certifications (at least one required, more preferred):
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CEH (Certified Ethical Hacker)
CompTIA Security+, CySA+, or CASP+
GIAC certifications (e.g., GSEC, GCIH, GPEN)
Microsoft or AWS Security Specialty certifications
Technical Skills:
Knowledge of Windows, Linux, and cloud platforms (Azure, AWS, GCP) security configurations.
Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar).
Familiarity with scripting or coding (Python, PowerShell, Bash, etc.).
Knowledge of firewalls, proxies, NAC, antivirus, and IDPS concepts.
Understanding of network protocols and secure architecture design.
Experience:
Minimum 3 years’ experience in cybersecurity, network security, or related IT security roles.
Proven track record of managing and responding to security incidents.
Experience with regulatory compliance and audits (ISO/IEC 27001, NIST CSF, POPIA, GDPR).
Soft Skills:
Analytical thinking and strong problem-solving abilities.
Effective communication and interpersonal skills.
High attention to detail and commitment to security excellence.
Ability to manage multiple tasks and priorities in a dynamic environment.
Self-driven with a passion for continuous learning.
RESPONSIBILITIES / ACCOUNTABILITIES
Design, implement, and maintain secure infrastructure in accordance with NIST, ISO/IEC 27001, CIS Controls, and other relevant frameworks.
Perform regular security audits, vulnerability assessments, and penetration tests across systems, networks, and applications.
Monitor, analyse, and respond to security events using SIEM, IDS/IPS, endpoint protection, and threat intelligence platforms.
Manage and maintain security tools including firewalls, anti-virus, DLP, identity management, and encryption systems.
Develop and maintain security documentation including security architecture diagrams, SOPs, incident response plans, and compliance reports.
Investigate and manage security incidents and breaches including root cause analysis and post-incident reviews.
Conduct third-party risk assessments and support security compliance initiatives (e.g., POPIA, GDPR, ISO/IEC 27001, SOC 2).
Provide security awareness training to employees and contribute to the organization’s cybersecurity culture.
Support disaster recovery and business continuity planning from a security perspective.
Stay current with emerging threats, vulnerabilities, and regulatory changes affecting the cybersecurity landscape.
Freerecruit