Principal IT Cyber Security Engineer

Swan IT is searching for a Principal IT Cyber Security Engineer for a client in Durban. Work with the team to enhance the company’s security offering, ensuring proactive threat management, effective incident response, and continuous improvement of cybersecurity defences for the company and its customers. This role requires strong leadership, technical expertise, and collaboration with internal teams and external stakeholders to maintain a robust security posture.

Responsibilities:

• Provide technical guidance support and serve as an escalation point for complex security issues.


• Assist with recruitment, onboarding, and training of security personnel.


• Implement Information Security solutions as needed.


• Implement formal monthly reporting for services delivered.


• Provide detailed designs, architectures, bills of materials, high level project plans, scope of works, deliverables for proposals and projects


• Present to customers and complete demonstations, proof of concept tests and assessments  


• Work closely with IT, Security, and Risk Management teams to enhance security strategies.


• Provide regular security reports to stakeholders, detailing progress and risk mitigation efforts.


• Collaborate with project managers, service delivery teams, and sales teams on security-related initiatives.


• Stay updated with the latest security threats, technologies, and best practices.


• Define and Implement standard operating procedures (SOPs).


• Conduct vulnerability audits to ensure compliance with industry standards and regulatory requirements.

Requirements:

• Minimum of 15 years of experience in Information Technology and 10 years in Cybersecurity 


• Proven experience in progressively responsible technical roles, including leadership positions


• Strong expertise in Microsoft security tools (e.g., Azure Sentinel, Microsoft Defender, Azure Security Center).


• In-depth understanding of advanced threat management, including tactics, techniques, and procedures (TTPs).


• Proven experience in managing complex security incidents and remediation processes.


• Certifications such as Fortinet FCSS/NSE7, Sophos Architect, CISSP, CISM, CompTIA Advanced Security Practitioner (CASP+) or equivalent


• Familiarity with regulatory frameworks and compliance standards like Popia, PCI-DSS, GDPR, ISO 27001, CIS and NIST.


• Strong communication skills for reporting to executives and educating stakeholders on security risks.