Principal Security Engineer

The Security Solutions Architect is responsible for pre-sales design, architecture, and scoping of security solutions and services, requiring in-depth knowledge of the security portfolio and service catalogue. The role supports delivery by collaborating with security teams to implement solutions, acting as a senior technical escalation for incidents and service requests. The position also drives continuous improvement of security offerings through proactive threat management, incident response, and optimisation of cybersecurity controls, leveraging technologies from Microsoft, Fortinet, and Sophos, while working closely with internal teams and external stakeholders.

Key Responsibilities

1. Delivery

• Provide technical guidance support and serve as an escalation point for complex security issues.
• Assist with recruitment, onboarding, and training of security personnel.
• Implement Information Security solutions as needed.
• Implement formal monthly reporting for services delivered.
• Support the team in the following:
• Security Operations, Threat Detection & Incident Response
• Threat Hunting & Vulnerability Management
• Prevention and Risk Management
• Risk identification and mitigation

2. Solution Development and Pre-sales

• Provide detailed designs, architectures, bills of materials, high level project plans, scope of works, deliverables for proposals and projects
• Present to customers and complete demonstrations, proof of concept tests and assessments
• Provide input into contracts for delivery of services

3. Stakeholder Collaboration and communication

• Work closely with IT, Security, and Risk Management teams to enhance security strategies.
• Provide regular security reports to stakeholders, detailing progress and risk mitigation efforts.
• Collaborate with project managers, service delivery teams, and sales teams on security-related initiatives.
• Maintain effective communication via company collaboration tools (Teams, CRM, Service Desk).

4. Continuous Improvement & Compliance

• Stay updated with the latest security threats, technologies, and best practices.
• Define and implement standard operating procedures (SOPs).
• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.
• Research and recommend innovative security solutions to enhance organisational resilience.
• Provide a quality assurance service to check all outputs of the Security Operations team

5. Key Performance expectations

• Maintain a strong leadership presence.
• Help to Identify and drive key performance metrics for the department
• Help the team to achieve their billable workable hour targets
• Employee Satisfaction Score and staff retention: receive feedback in the upper quartile from the security team
• Ensure prompt response to requests, security incidents and escalations.
• Keep security documentation and reports up to date.
• Foster a continuous improvement mindset and actively develop leadership skills.
• Drive accountability, ensuring all tasks and security measures are executed effectively.
• High levels of customer satisfaction and retention
• Ensure all risks are highlighted and communicated
• Commitment to continual professional development

Qualifications & Experience

• Minimum of 15 years of experience in Information Technology and 10 years in Cybersecurity
• Proven experience in progressively responsible technical roles, including leadership positions
• Strong technical and analytical skills
• Excellent problem-solving and critical-thinking skills
• Excellent communication and interpersonal skills
• Able to work as part of a team and independently
• Knowledge of best practices and secure design principles
• Able to work effectively in stressful situations
• Open minded to personal growth and development

Preferred Skills

• Strong expertise in Microsoft security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).
• In-depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).
• Proven experience in managing complex security incidents and remediation processes.
• Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP, CISM, CompTIA Advanced Security Practitioner (CASP+) or equivalent
• Familiarity with regulatory frameworks and compliance standards like Popia, PCI-DSS, GDPR, ISO 27001, CIS and NIST.
• Strong communication skills for reporting to executives and educating stakeholders on security risks.