Role Description

Managed Security Engineer at IT Lab, Cape Town

Company Background
IT Lab is a leading technology and managed services provider in the UK, ranked within the top five European and top 50 global managed services suppliers and operates out of offices in London, Manchester and Cape Town and, via its global partners, in 13 countries across the world. The award-winning company provides a range of services including 24/7 support, cloud services, ERP software implementation, technology transformation and change projects, strategic consulting and analytics. 

We are a dynamic and fast growing company that truly values and is reliant upon our people, our culture and our commitment to excellence we call Service Obsession. Being the best means having the best people, and getting the best people means being the best place to work. 
A core part of our business is our Cape Town operations centre from which we provide 24/7 support to our predominantly UK based clients and their global operations via a 1st – 3rd line service desk, 365 days per year. This operation is planned to expand significantly in the coming years. This expansion is to not only accommodate growth in our service desk, but also an expanding remit to broaden our local service capability. 

An opportunity has arisen for an experienced security focused Support Engineer to join our Managed Services team working in our Cape Town Office, to continually improve and maintain the security hardening profile of our client IT systems. Relevant experience and the ability to learn quickly, communicate well at all levels, work with 100% commitment and contribute to the success of our existing team of dedicated professionals is vital.

The Role
The Managed Security Engineer role is part of the Network Operations Centre (NOC) and Cyber Security Operations Centre (CSOC) within the Managed Services Department of IT Lab. The candidate will be an active member within the NOC and CSOC using a variety of network and security platforms to meet the requirements of the business and its customers. This is a hands-on role and requires broad technical knowledge, skills and abilities of modern IT systems and infrastructure. It is advantageous to have a sound understanding and/or experience of Cyber Security methodologies, concepts and practices. 

Duties and responsibilities:
  • Work within a multi-disciplined environment (NOC / CSOC) identifying, owning, progressing and resolving network and security incidents. 
  • Perform prompt and effective incident triage and investigation applying sound problem-solving methods to determine scope, urgency, and potential business-impact.
  • Maintain and operate a wide variety of platforms and toolsets.
  • Work with internal and external stakeholders to resolve network and security incidents and vulnerability compliance.
  • Drive customer satisfaction and continuously seek to improve operational performance.
  • Collaborate with other teams to maintain standards and functionality.
  • Initiate, update, approve and maintain knowledge articles within the prescribed ITSM tool
  • Ensure Service Level Agreements (“SLAs”) are met internally and per customer requirements
  • Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities.
  • Provide technical support for the identification, triage and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.

Required skills and capabilities

The ideal candidate will have/be:
  • Excellent soft skills in the form of team working, problem solving and communication. 
  • A keen self-starter who can evidence excellent customer service and can collaborate effectively.
  • A good understanding of process, change and problem management
  • Demonstrable network security knowledge: IDS/IPS, firewalls, remote access, VPN, network monitoring, vulnerability scanning, anti-malware
  • Good working knowledge of Windows and Linux OS, TCP/IP, DNS, HTTP(S), SNMP and server virtualisation (Hyper-V/VMware)
  • One or more of the following industry certifications: 
    • CompTIA Security+, Network +, A+, Microsoft Certified Associate or higher, Cisco CCNA or above.
  • Solid working experience of a number of the products in the following technology stacks:
    • Networking and Firewalls – Cisco, Dell, Fortinet
    • Microsoft Servers 2012-2019
    • Cloud platforms – O365, Azure, AWS, Mimecast
    • RMM and Professional Monitoring toolsets
    • Data Protection | Backup solutions – Backup Exec, VEEAM, Microsoft, DPM, Microsoft Azure Backup Server, Azure Site Recovery

Desired working experience:
  • Experience with a SIEM platform (Splunk, AlienVault, QRadar, LogRhythm) 
  • Experience with Fortinet, Cisco Meraki, Switching (HP, Juniper), Firewalls (Cisco, Juniper, Palo Alto) 
  • Experience in cloud architectures (Azure, AWS) and engineering solutions
  • An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS
  • Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security

The Package
  • Working hours will be 40 to 45 hours a week during standard business hours (Monday – Friday, rotational shifts between 7am – 7pm UK time)
  • Package depending on experience
  • 22 days’ annual leave
  • Access to a medical aid and pension scheme
  • Rewarded for additional IT related study
  • Free breakfast daily, lunches paid for on Friday (and a whole array of other benefits!)
  • Working for an established London based employer with predominantly UK based clients

Good luck and please bear in mind we receive a very high number of applications; we will endeavour to get back to all applicants, however, we thank you for understanding this is not always possible for unsuccessful applicants.

IT Lab is an equal opportunities employer and is committed to attracting and retaining the best talent.