Infrastructure Engineer

The Infrastructure Engineer will be responsible for designing, deploying, securing, and maintaining reliable, high-performance infrastructure that supports sensitive data and high-end projects within Acentria Group. This role is based in Zambia and requires an engineer who operates with autonomy, security-first thinking, and compliance rigor. The engineer will support: • Secure on-premises and cloud infrastructure handling confidential information. • Implementation and maintenance of systems under NIST, ISO 27001, ISO 27701, and ISO 9001 frameworks. • Migration and optimization of workloads on Microsoft Azure. • Collaboration with security, risk, and business teams in FMCG or Financial Services contexts (advantageous).

1. MAIN RESPONSIBILITIES OF THE JOB

 Functional / Technical

• Design, deploy, and manage secure infrastructure (servers, storage, networking) with emphasis on Microsoft technologies (Azure, Windows Server, Entra ID).
• Implement and maintain infrastructure as code (IaC) using ARM, Bicep, or Terraform.
• Manage and secure cloud environments (Azure) including IAM, Key Vault, backup, and disaster recovery.
• Administer and harden operating systems (Windows Server, Linux) and network devices.
• Implement monitoring, logging, and alerting solutions (e.g., Azure Monitor, Sentinel, or SIEM tools).
• Ensure infrastructure security through vulnerability scanning, patch management, and configuration hardening aligned with NIST and ISO 27001 controls.
• Support CI/CD pipelines from an infrastructure perspective (Azure DevOps, GitHub Actions) – ensuring secure deployment environments.
• Maintain version-controlled, auditable infrastructure configurations and network diagrams.
• Provide L2/L3 technical support for infrastructure-related incidents, especially those involving sensitive data.

Governance, Risk & Compliance

• Adhere strictly to Secure Infrastructure Lifecycle processes.
• Ensure compliance with ISO 27001, ISO 27701 (privacy), ISO 9001 (quality), and NIST frameworks.
• Maintain proper change management, access controls, and audit traceability for all infrastructure changes.
• Produce and maintain infrastructure documentation for audits, continuity, and regulatory readiness.

People & Collaboration

• Work closely with Zambian-based and remote teams (development, security, business).
• Participate in architecture reviews, security walkthroughs, and incident post-mortems.
• Promote knowledge transfer and documentation-first culture.

2. KNOWLEDGE, SKILLS AND EXPERIENCE

Minimum level of academic qualification, skills and knowledge required to perform effectively in the role:

• Bachelor's degree in Computer Science, IT, Network Engineering, or related field.

Minimum level of professional qualification required to perform effectively in the role:

• C-SAT (Certified Security Analyst or equivalent) – e.g., CSA, CEH, or Azure Security Engineer.
• Microsoft Certified: Azure Administrator Associate or Azure Solutions Architect.
• ISO 27001 Lead Implementer or Internal Auditor (preferred but not mandatory if strong experience shown).

Minimum level of Technical experience required to perform effectively in the role:

• Strong experience with Microsoft Azure (Virtual Machines, Networking, Entra ID, Key Vault, Backup, Site Recovery, Policy).
• Infrastructure as Code: ARM, Bicep, or Terraform.
• Operating Systems: Windows Server (required), Linux (advantageous).
• Networking: DNS, VPN, firewalls, load balancers, routing, VLANs.
• Monitoring & Logging: Azure Monitor, Log Analytics, or SIEM integration.
• Scripting: PowerShell, Bash, or Python for automation.
• Security-hardened infrastructure (NIST, CIS benchmarks).

Minimum months or years of experience required to have to perform effectively in the role:

• 5+ years as an Infrastructure Engineer, Systems Administrator, or Cloud Engineer.
• Proven experience working with sensitive data (PII, financial, or classified).
• Experience in NIST compliance and ISO 27001/27701/9001 environments.

Added Advantage

• Experience in FMCG or Financial Institution sectors.
• Familiarity with ISO 27701 (privacy) implementation.
• Previous work in Zambia or Southern Africa region.

3. KEY PERFORMANCE INDICATORS

• Secure, compliant software handling sensitive data with zero major breaches.
• Fully documented APIs and architectures ready for audit
• Automated CI/CD pipelines with security gates
• 9% availability for production systems
• Audit-ready technical and compliance documentation.
• Demonstrable security & compliance knowledge transfer to team

4.  COMPETENCIES

• Strong problem-solving and analytical skills
• Security first and compliance-driven mindset
• Ability to work independently in a 1-year contract role
• Strong communication with technical and non-technical stakeholders
• High ownership, accountability, and audit readiness
• Agile and DevOps orientation

5. WORKING RELATIONSHIPS

• Cybersecurity Team
• Risk & Compliance Team
• Business Stakeholders

6. CONTRACT & RENEWAL TERMS

• Initial contract: 1-year fixed term.
• Renewal: Based on annual performance review, business continuity, and compliance adherence.
• Location: Zambia (Lusaka preferred)