Information Security Engineer

  • Johannesburg, South Africa
  • Contractor
  • On-Site

Job Description:

The Information Security Engineer is responsible for safeguarding the organisation's information systems against unauthorised access, modification, or destruction. This role combines hands-on security operations with the design and implementation of secure network and system architectures, ensuring proactive threat detection and effective incident response.

Key Responsibilities

Security Architecture & Engineering

  • Design, implement, and maintain robust security infrastructure across the organisation.
  • Develop and deploy secure network architectures and system configurations aligned with best practices.
  • Implement and manage security tools and platforms to protect systems and data.

Monitoring & Threat Management

  • Perform continuous monitoring of networks and systems to detect potential threats.
  • Conduct regular security assessments, vulnerability scans, and penetration testing.
  • Ensure rapid identification, analysis, and response to security incidents.

Incident Response & Risk Mitigation

  • Establish and maintain incident response protocols and procedures.
  • Investigate security breaches and implement corrective actions to prevent recurrence.
  • Develop automated solutions to mitigate vulnerabilities and streamline security operations.

Collaboration & Governance

  • Work closely with IT teams to define and enforce security standards, controls, and configurations.
  • Support the selection and deployment of security technologies aligned with business needs.
  • Ensure compliance with internal policies and relevant regulatory requirements.

Training & Awareness

  • Educate and train staff on information security policies, procedures, and best practices.
  • Promote a security-first culture across the organisation.

Qualifications & Experience

  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Relevant certifications preferred: CISSP, CISM, CEH, CompTIA Security+, GSEC, or similar.
  • Proven experience as an Information Security Engineer or in a similar role.
  • Hands-on experience with penetration testing and security assessment techniques.
  • Strong understanding of firewalls, proxies, SIEM, antivirus, and intrusion detection/prevention systems (IDPS).
  • Experience identifying, analysing, and mitigating network vulnerabilities.
  • Working knowledge of programming/scripting languages such as Python, SQL, Perl, Ruby, or Go.

Skills & Competencies

Technical Skills

  • Strong knowledge of networking protocols and infrastructure (routing, firewalls, IDS/IPS, encryption, load balancing).
  • Experience with Active Directory and Linux system administration.
  • Proficiency with vulnerability management and security tools (e.g. Greenbone, OpenVAS, Nessus, Intune, PingCastle).
  • Up-to-date knowledge of cybersecurity trends, threats, and risk management practices.

Behavioural Competencies

  • Strong analytical and problem-solving abilities.
  • Ability to work effectively under pressure and respond to incidents accurately.
  • Excellent communication and presentation skills.
  • Ability to translate complex technical concepts for non-technical stakeholders.
  • Strong project management and prioritisation skills.