Cape Town: Network Security Manager posted by Progressive IT Resourcing

Our Client

This division is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. They operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Company.

What will you do?

As the Network Security Manager, you will be responsible for the operational management of a hybrid networking environment that spans on-premises infrastructure, Azure, and AWS platforms. In this role, you will oversee the day-to-day network security operations, ensuring that robust controls are in place and that responses to threats and incidents are both effective and timely. You will lead a team of network security professionals and work closely with the CSIRT Team and other key stakeholders to ensure all alerts, incidents, and escalations are managed efficiently and in accordance with best practices. Your leadership will help drive the ongoing security and resilience of Company’s network infrastructure, supporting the companys growth and innovation objectives. Additionally, you will act as a subject matter expert (SME) for project delivery aspects related to network security, providing guidance and support to security architects to ensure that network security requirements are effectively addressed throughout project lifecycles.

What will make you successful in this role?

• Maintain an up-to-date understanding of the hybrid network environment (on-premises, Azure, and AWS) and industry trends to identify risks, control weaknesses, or improvement opportunities and communicate these to management.
• Oversee the security configuration, hardening, and continuous monitoring of firewalls, routers, load balancers, and cloud network security controls (e.g., Security Groups, Network ACLs, NSGs).
• Ensure that network-level security tooling (e.g., IDS/IPS, firewalls, NDR, packet brokers, and flow analysis systems) is effectively managed, tuned, and monitored for anomalous activity.
• Handle alerts and incidents identified by network-focused security systems in close collaboration with the CSIRT, Runtime Security, and Infrastructure Operations teams.
• Drive timely investigation and remediation of network-related vulnerabilities, misconfigurations, or exposed endpoints detected by vulnerability management or cloud-native security platforms.
• Develop, document, and maintain network security baselines and standards across all environments, ensuring alignment with architectural and compliance frameworks.
• Oversee segmentation design and enforcement across environments to minimize lateral movement and ensure appropriate isolation of critical systems.
• Collaborate with Cloud and Application Security teams to validate secure network architectures for new deployments and services.
• Provide regular reporting on network security posture, key incidents, and emerging risks to management and governance forums.
• Identify and implement opportunities for automation and operational improvement in network security monitoring, alerting, and incident response workflows.
• Manage and mentor the Network Security team, ensuring skills development, performance management, and a culture of accountability and continuous improvement.
• Act as the escalation point for complex network security issues, providing expert guidance and technical direction.
• Contribute to and maintain the playbooks and procedures for network security incident response in collaboration with CSIRT.
• Serve as a subject matter expert (SME) for all aspects of network security project delivery, providing technical guidance and oversight to ensure project requirements are aligned with organizational security policies and best practices.
• Advise and support security architects and project teams in designing secure network solutions, ensuring that network security controls are integrated throughout the project lifecycle from planning to implementation and review.
• Participate in project meetings and architecture reviews to proactively identify and address network security risks and control gaps.

Qualifications & Experience

Formal Education

• Matric
• Bachelors degree in computer science, Information Technology, or related field; master’s degree preferred.

Security Certifications

• Network+ and/or Security+ certification

Networking & Platform-Specific

• CCNP Security or equivalent (e.g., Fortinet NSE4+, Palo Alto PCNSE)

Preferable

• AWS Certified Advanced Networking Specialty
• Azure Network Engineer Associate or Azure Security Engineer Associate
• Terraform Associate or DevNet certifications for automation-aligned roles
• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)

Experience

• 510 years of total experience in IT infrastructure, networking, or security, with at least 5 years in network security roles.
• 13 years in a leadership or management capacity, preferably leading a team of network or security engineers.
• Proven experience managing hybrid environmentstraditional datacenter networks, cloud-native constructs (AWS VPCs, Azure VNets), and interconnects (ExpressRoute, Direct Connect, VPNs, SD-WAN) from a network security perspective.
• Hands-on experience with network security tooling: firewalls (e.g., Fortinet, Check Point), IDS/IPS, NDR (DarkTrace), and cloud-native equivalents (AWS Network Firewall, Azure Firewall, etc.).
• Demonstrated success in incident response collaborationworking with SOC/CSIRT teams on network-related incidents.
• Experience developing and enforcing network segmentation, zero trust principles, and secure connectivity patterns across multi-cloud architectures.
• Familiarity with infrastructure automation and observability, e.g., Terraform, Ansible, and network telemetry tools like VPC Flow Logs, Azure NSG Flow Logs, or NetFlow.
• Exposure to compliance and governance frameworks such as ISO 27001, NIST CSF, CIS Controls, etc.

Technical Competencies

• Deep understanding of TCP/IP, routing, VPNs, DNS, TLS, etc.
• Solid working knowledge of AWS and Azure network servicesTransit Gateways, PrivateLink, Security Groups, NSGs, Application Gateways/ALBs, etc.
• Experience integrating on-prem and cloud security controls, including monitoring, access control, and network analytics.
• Understanding of network threat detection and mitigation, including common attack patterns (e.g., lateral movement, DDoS, exfiltration).
• Experience with automation and scripting (Python, PowerShell, or Bash) to improve operational efficiency would be a plus.
• Familiarity with SIEM integration and log correlation (e.g. ELK, CrowdStrike, etc.)

Knowledge and Skills

• Cyber Security Administration
• Cyber Security Audits
• Cyber Security Compliance
• Assessing security risks
• Assessment risk mitigation for the organisation