Full Time

Cyber Security Engineer

Acentria Technologies Limited
Remote / On-site
4 Positions
Posted 1 month ago

About This Role

The Cyber Security Engineer will be responsible for designing, implementing, and maintaining security controls that protect sensitive data and high-end projects within Acentria Group. This role is based in Zambia and requires a security engineer who can operate with autonomy, threat-informed thinking, and compliance rigor. The engineer will support:

  • Security monitoring, threat detection, and incident response for internal and client-facing systems handling confidential information.
  • Implementation and continuous compliance with NIST, ISO 27001, ISO 27701, and ISO 9001 frameworks.
  • Security hardening and monitoring of workloads on Microsoft Azure.
  • Collaboration with development, infrastructure, risk, and business teams in FMCG or Financial Services contexts (advantageous).

Job Description

  1. MAIN RESPONSIBILITIES OF THE JOB

Functional / Technical

  • Design, implement, and maintain security controls across cloud (Azure) and on-premise environments.
  • Deploy and manage security tools: SIEM (Microsoft Sentinel or equivalent), EDR, IDS/IPS, and vulnerability scanners.
  • Perform continuous security monitoring, log analysis, and threat hunting.
  • Lead or support incident response activities, including detection, containment, eradication, and post-incident review.
  • Conduct regular vulnerability assessments and coordinate remediation with IT and development teams.
  • Implement and manage identity and access management (IAM) including Entra ID, MFA, privileged access, and role-based access control (RBAC).
  • Perform security configuration hardening (CIS benchmarks, NIST guidelines) for servers, endpoints, network devices, and cloud resources.
  • Support secure development by assisting with threat modeling, static/dynamic analysis, and penetration testing readiness.
  • Maintain and test backup, disaster recovery, and business continuity plans from a security perspective.

Governance, Risk & Compliance

  • Ensure compliance with ISO 27001, ISO 27701 (privacy), ISO 9001 (quality), and NIST frameworks through technical controls and evidence collection.
  • Support internal and external audits by providing technical evidence of control effectiveness.
  • Maintain proper change management, access review, and audit traceability for all security-relevant changes.
  • Produce and maintain security documentation: policies, standards, runbooks, and audit evidence.
  • Conduct risk assessments for new systems, third-party integrations, and changes to existing environments.

People & Collaboration

  • Work closely with Zambian-based and remote teams (infrastructure, development, risk, compliance).
  • Deliver security awareness training and technical guidance to staff.
  • Participate in peer reviews of security configurations, incident post-mortems, and architecture reviews.
  • Promote a security-first and compliance-driven culture across the organization.

  2. KNOWLEDGE, SKILLS AND EXPERIENCE

Minimum level of academic qualification, skills and knowledge required to perform effectively in the role:

  1. Bachelor's degree in Cyber Security, Computer Science, Information Technology, or related field.

Minimum level of professional qualification required to perform effectively in the role:

  1. Strong experience with Microsoft Azure security (Entra ID, Microsoft Sentinel, Defender for Cloud, Key Vault, Policy).
  2. SIEM and log management: Microsoft Sentinel, Splunk, or similar.
  3. Endpoint Security: EDR/XDR (Microsoft Defender, CrowdStrike, SentinelOne, etc.).
  4. Network Security: Firewalls, IDS/IPS, VPNs, network segmentation, and zero trust principles.
  5. Vulnerability Management: Qualys, Tenable, Nessus, or similar tools.
  6. Identity & Access Management: MFA, PIM/PAM, Conditional Access, RBAC.
  7. Incident Response: Hands-on experience leading or supporting IR activities.
  8. Scripting for automation: PowerShell, Python, or Bash.
  9. Compliance frameworks: Deep working knowledge of NIST and ISO 27001 controls.

Minimum level of Technical experience required to perform effectively in the role:

  • Strong experience with Microsoft Azure security (Entra ID, Microsoft Sentinel, Defender for Cloud, Key Vault, Policy).
  • SIEM and log management: Microsoft Sentinel, Splunk, or similar.
  • Endpoint Security: EDR/XDR (Microsoft Defender, CrowdStrike, SentinelOne, etc.).
  • Network Security: Firewalls, IDS/IPS, VPNs, network segmentation, and zero trust principles.
  • Vulnerability Management: Qualys, Tenable, Nessus, or similar tools.
  • Identity & Access Management: MFA, PIM/PAM, Conditional Access, RBAC.
  • Incident Response: Hands-on experience leading or supporting IR activities.
  • Scripting for automation: PowerShell, Python, or Bash.
  • Compliance frameworks: Deep working knowledge of NIST and ISO 27001 controls.

Minimum months or years of experience required to perform effectively in the role:

  • 5+ years as a Cyber Security Engineer, Security Analyst, or similar role.
  • Proven experience working with sensitive data (PII, financial, or classified).
  • Experience in NIST compliance and ISO 27001/27701/9001 environments.
  • Proven experience in incident response and vulnerability management.

Added Advantage

  • Experience in FMCG or Financial Institution sectors.
  • Familiarity with ISO 27701 (privacy) implementation.
  • Previous work in Zambia or Southern Africa region.
  • Experience with GDPR, PCI DSS, or local Zambian data protection laws.

  3. KEY PERFORMANCE INDICATORS

  • Zero major security breaches in systems handling sensitive data.
  • Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) incident metrics within agreed SLAs.
  • 100% audit-ready security documentation and control evidence.
  • Vulnerability remediation SLAs met for critical/high findings.
  • Successful internal and external audits with no major non-conformities.
  • Security awareness training completion across relevant teams.
  • Demonstrable security & compliance knowledge transfer to technical teams.

  4. COMPETENCIES

  • Strong analytical and problem-solving skills (security incident investigation)
  • Threat-informed and risk-driven mindset
  • Ability to work independently in a 1-year contract role
  • Strong communication with technical and non-technical stakeholders (including during incidents)
  • High ownership, accountability, and audit readiness
  • Calm under pressure during active security incidents
  • Continuous learning and threat intelligence awareness

  5. WORKING RELATIONSHIPS

  • Head of ICT & Cybersecurity Technology
  • Infrastructure Team
  • Software Development Team
  • Risk & Compliance Team
  • Business Stakeholders
  • External Auditors and Penetration Testers

  6. CONTRACT & RENEWAL TERMS

  • Initial contract: 1-year fixed term.
  • Renewal: Based on annual performance review, business continuity, and compliance adherence.
  • Location: Zambia (Lusaka)
