Job Title

Senior Cyber Security Engineer

South Africa, Western Cape
Back to jobs
R80000 - R100000 Per Month
Area: South Africa, Western Cape
Sector: Technology
Posted: 9 June 2026

Job Details

Purpose of the Role
This role leads advanced cyber defense initiatives for our Cape Town clients, focusing on Microsoft Defender and Sentinel deployments, incident response leadership, and complex threat management. Responsible for mentoring staff and continuously improving detection and response capabilities.

 Experience and Skills Required

  • Microsoft Certifications mandatory SC200 SC100 MS500 AZ500
  • 5+ years in cyber security operations, incident management, and SIEM engineering
  • Deep expertise with Microsoft Defender (all modules), Sentinel SIEM, and cloud security automation
  • Proven experience designing, tuning, and integrating advanced detection and response workflows

Technical Skills

  • Mastery of Sentinel SIEM and Defender engineering (integration, automation, threat intelligence)
  • Expert scripting (KQL, PowerShell), playbook development, and automation
  • Experience in complex incident management, digital forensics, and malware reverse engineering
  • Strong knowledge of cloud, endpoint, and identity security solutions

Certifications (Mandatory)

  • SC-200, SC-100, MS 500, AZ500
  • CISSP, CISM, or equivalent (advantageous)

Required Skills & Competencies

  • Advanced analytical and technical problem-solving
  • Mentorship and leadership ability
  • Strong presentation and executive reporting skills
  • Familiarity with global compliance (NIST, SOC2, ISO27001)

Communication & Collaboration

  • Ability to communicate advanced security topics to technical and non-technical stakeholders
  • Collaborative, proactive approach to team leadership and project management

Personal Attributes

  • Strategic thinking, continuous improvement mindset
  • Resilience and adaptability under pressure

Reporting Structure

  • Reports to Head of Security / CISO
  • Leads engineers and SOC analysts

Key Responsibilities

  1. Cyber Defense Leadership
  • Architect and optimize Microsoft Defender/Sentinel deployments
  • Lead major incident investigations and threat remediation

Threat Intelligence & Detection Design

  • Design advanced rules/playbooks
  • Integrate external threat intelligence and hunting methodologies

Team Mentorship & Technical Enablement

  • Coach junior engineers and analysts
  • Lead technical improvement projects

Note Technically you need to know:

Endpoint Security & Management

  • Ensure endpoint coverage and compliance
  • Configuration management
  • Attack Surface Reduction (ASR) management
  • Endpoint firewall and network protection
  • Vulnerability and baseline management
  • Threat detection, alert handling, and incident response
  • Update management, patching, and health monitoring
  • Exclusion management
  • Policy and compliance management
  • EDR integration and ecosystem management
  • Lifecycle management
  • Reporting

Identity & Access Security

  • Ensure sensor coverage and compliance
  • Monitor high-value identity activity
  • Manage and maintain identity protection policies and governance
  • Threat intelligence and alert management
  • Exposure management
  • Integration and logging
  • Configuration management and performance monitoring
  • Identity governance
  • Compliance reporting
  • Domain authentication control management

Email & Collaboration Security

  • Anti-spoofing policies
  • Malware protection
  • Phishing protection
  • Mailbox intelligence
  • Safe Attachments and Safe Links
  • Anti-spam and threat detection
  • Investigations and incident response
  • Collaboration application protection
  • Configuration management and hardening
  • Ongoing operations and maintenance

Data & Platform Security

  • Data protection and storage security
  • Platform security and configuration management
  • Threat detection, monitoring, and logging
  • Identity and access logging (auditability)
  • Governance, compliance, and risk management