Pretoria: Information Security Engineer – Hybrid posted by Profession Hub

Our client based in Pretoria and Sandton (Hybrid position) is searching for an Information Security Engineer – Hybrid to join their team.

Job Purpose:

• Responsible for protecting an organisation’s valuable data, systems, and network from cyber threats and attacks.

Responsibilities:

• Analyze, research, and report possible threats, vulnerabilities, and weaknesses in IT systems, applications and networks.
• Perform regular risk assessments and vulnerability management, recommending and implementing mitigation strategies.
• Implement and maintain best practices in line with information security standards and frameworks (e.g., ISO 27001, NIST CSF, PCI-DSS, POPIA).
• Support company employees with cybersecurity, software, and hardware needs, ensuring alignment with security best practices.
• Investigate, contain, and eradicate security incidents. Perform post-incident reviews and root cause analysis to strengthen controls.
• Monitor networking environments and engage with service providers to ensure security SLAs are met.
• Administer, configure, troubleshoot, and maintain IT security hardware and software, including firewall management and endpoint protection.
• Develop, tune, and maintain SOC/SIEM detection rules, dashboards, and incident playbooks.
• Ensure alignment of business operations with information security policies & procedures, including support for internal and external audits.
• Create and maintain security documentation, including incident reports, configuration baselines, and risk registers.
• Automate repetitive security tasks through scripting.
• Stay informed on emerging threats, vulnerabilities, and security technologies. Proactively recommend improvements.

Qualifications and Requirements:

• Grade 12 (Matric)
• National certificate or bachelors degree in Information Technology or Computer Science, or equivalent experience.
• CompTIA A+, N+, Security+, Certified Ethical Hacker (CEH) highly desired.
• Strong understanding of security concepts and controls across network, application, cloud, and endpoint environments.
• Excellent communication skills, including the ability to translate technical risks into business impact for non-technical audiences.
• Critical thinking, problem-solving, and ability to prioritise multiple security projects.
• Knowledge of security frameworks and compliance standards (ISO 27001, NIST, PCI-DSS, POPIA).
• Experience with SOC and SIEM solutions, incident detection and response, and security automation.
• Familiarity with scripting languages (Python, PowerShell, Bash) for security task automation.
• An enthusiasm and passion for staying up to date security threats, trends, and solutions protecting the organizations environment.

Experience:

• Minimum of 5 years in information and cyber security roles.
• Hands-on experience with networks, firewalls, VPNs, and network troubleshooting.
• Security experience with endpoint protection, email protection, email flow, Office 365, Azure, AWS, and other cloud-based solutions.
• Practical exposure to antivirus, content filtering, authentication, intrusion detection/prevention systems, and other layered security controls.
• Proficiency with Windows Server, Windows Desktop, and Linux operating systems.
• Demonstrated experience in implementing and enforcing information security governance and policy frameworks.
• Experience with Kali Linux, penetration testing tools, and vulnerability scanning solutions.
• Proven ability to critically analyze requirements/issues and solve complex problems.