Sophos Engineer

We are seeking a skilled and security-focused Sophos Engineer to join a dynamic team responsible for managing and securing enterprise infrastructure. The successful candidate will have strong hands-on experience across the Sophos ecosystem including endpoint server email and firewall security with the ability to proactively monitor remediate threats and maintain robust security controls.

• Manage and administer the Sophos Central platform and associated components including:
• Endpoint Protection
• Intercept X
• Server Protection
• Email Security
• Sophos Firewalls (XGS or equivalent)
• Monitor security alerts investigate incidents analyze malware infections or intrusion attempts and execute timely remediation actions.
• Design configure and maintain Sophos Firewall policies including:
• Firewall rules
• VPNs (site-to-site and remote access)
• Web and application filtering
• Quality of Service (QoS)
• NAT configurations
• Reporting and traffic analysis
• Implement and enforce security policies across:
• Endpoints
• Servers
• Networks
• User environments
• Support and secure Windows Linux and macOS environments.
• Perform regular system updates patching health checks and backups of Sophos configurations and policies.

Generate and review security reports related to:

• Threat landscape trends
• Protection status
• Compliance metrics
• Risk reporting for management and stakeholder

• Advantageous

• Sophos certifications (Engineer / Architect level preferred).
• Experience within managed services or enterprise security environments.
• Exposure to compliance frameworks and security best practices.
• Key Competencies
• Attention to detail
• Strong incident response capability
• Proactive security mindset
• Excellent communication skills
• Ability to work independently and in a team environment

• Additional Responsibilities

• Troubleshoot complex technical issues related to Sophos products and coordinate with Sophos support or third-party vendors where necessary.
• Ensure seamless integration of Sophos solutions with existing infrastructure including:
• Active Directory
• Microsoft 365
• SIEM tools
• Other security platforms

• Participate in:

• Vulnerability management
• Patch management
• Incident response processes
• Document configurations processes and changes accurately.
• Provide training and knowledge transfer to internal IT teams and end users where required.
• Support on-call or after-hours requirements as part of a rotational support schedule (where applicable).

Qualifications:

• Bachelors degree in computer science Cybersecurity or a related field.
• Preferred Certifications
• Relevant industry certifications are highly advantageous including:
• Sophos Certified Engineer (Firewall or Central Endpoint)
• Sophos Firewall Architect (for senior-level roles)
• CompTIA Security
• CompTIA Network

Additional Advantageous Experience:

• Experience integrating security tools into enterprise environments.
• Knowledge of SIEM monitoring and security event correlation.
• Strong understanding of vulnerability remediation and patch governance.

Additional Certifications:

• Further advantageous certifications include:
• CCNA
• CEH (Certified Ethical Hacker)
• Additional cybersecurity and networking certifications will be advantageous.

Technical Knowledge Requirements:

• Strong understanding of:
• Networking fundamentals including:
• TCP/IP
• DNS
• DHCP
• VLANs
• Routing
• VPN technologies
• Cybersecurity principles and best practices.

Experience Required:

• 56 years hands-on experience in IT Security Network Administration or Cybersecurity Operations.
• Minimum 3 years practical experience specifically working with Sophos products including:
• Sophos Central
• XGS Firewall
• Intercept X
• Endpoint Protection

Proven experience configuring and troubleshooting Sophos Firewalls including advanced features such as:

• Intrusion Prevention Systems (IPS)
• Application Control
• Web and Email Protection
• Remote Access VPN

Solid background supporting:

• Windows environments
• Linux environments
• macOS environments
• Enterprise directory integrations (Active Directory / Entra ID)
• Experience within an MSP managed security services or enterprise environment.
• Exposure to incident response threat hunting and security monitoring tools will be beneficial.

Soft Skills and Other Requirements:

• Excellent problem-solving and critical-thinking abilities.
• Strong customer service orientation.
• Clear verbal and written communication skills.
• Proficiency in English and Afrikaans.
• Ability to work independently manage priorities and adapt to varied environments.
• Willingness to participate in on-call and emergency response requirements.

If you meet the above requirements and have a passion for cyber security and infrastructure protection we would like to hear from you.

Please send your CV certificates to

Salary rangers on experience