We are seeking a skilled IT Security professional with 3–6 years’ experience in security operations, endpoint security, and SOC or security engineering environments. The role involves detecting, analysing, and remediating malicious activity across endpoints, servers, and web assets while enforcing strong security controls and policies. This role requires hands-on involvement in incident response, attack surface management, certificate lifecycle management, and vulnerability remediation.

What you'll do:

• Detect, analyze, isolate, and remediate malicious content across endpoints and servers.
• Enforce endpoint security posture, including removal of unauthorized VPNs and USB device controls.
• Deploy, manage, and troubleshoot security agents (SentinelOne, Netskope, Gytpol).
• Administer Privileged Access Management (BeyondTrust), including account and server onboarding.
• Perform certificate lifecycle management and remediation of expired or exposed certificates.
• Ensure web and brand protection controls via Imperva WAF and vulnerability remediation (Qualys).
• Execute attack surface management activities, including exposed service remediation.
• Support application security monitoring, vulnerability triage, and secure coding validation.

Your Expertise:

• 3–6 years’ experience in:
• IT Security Operations
• Endpoint Security
• SOC or Security Engineering environments
• Hands-on experience with enterprise security tools and controls
• Exposure to regulated or large enterprise environments
• Experience supporting both technical remediation and user-facing security processes
• Strong understanding of cybersecurity operations, endpoint protection, access management, and threat remediation.
• Ability to follow and execute incident response lifecycle activities.
• Competent in applying security policies, controls, and procedures across endpoints, servers, and web assets.
• Proven ability to assess risk, implement controls, and validate remediation.
• High attention to detail with strong documentation discipline.
• Strong analytical and problem-solving skills
• Excellent written and verbal communication
• Ability to explain security concepts to non-technical users
• High attention to detail and accuracy
• Time management and prioritisation under pressure
• Stakeholder engagement across IT, security, and business teams
• Documentation and reporting discipline.

Qualifications:

• Diploma or Degree in:
  • Information Technology
  • Cybersecurity
  • Computer Science
  • Information Systems
• Industry certifications (advantageous):
  • CompTIA Security+
  • Microsoft Security (SC-200 / SC-300)
  • SentinelOne, Netskope, BeyondTrust certifications
  • ITIL Foundation
  • ISO 27001 awareness or practitioner
  • OWASP or AppSec-related certifications (for APSEC scope)

Technical Skills:

• Endpoint Security & EDR:
  • SentinelOne
  • EDR, SIEM, DLP concepts
• Endpoint & Device Management:
  • SCCM
  • Microsoft Intune
• Cloud & Web Security:
  • Netskope
  • Imperva WAF
  • Qualys
• Privileged Access Management:
  • BeyondTrust
• Identity & Directory Security:
  • Active Directory
  • PingCastle
• Configuration & Compliance:
  • Gytpol
• Data Protection:
  • Microsoft 365 DLP
• Application Security:
  • SAST / DAST tools
  • OWASP Top 10 awareness
• Certificate & Domain Management:
  • SSL/TLS lifecycle
  • DNS management
• Operating Systems:
  • Windows Workstations & Servers