Sophos Engineer

Purpose of the role

The role plays a critical part in protecting the business against cyber threats by ensuring robust security configurations, proactive monitoring, rapid incident response, and compliance with security best practices. The successful candidate will act as the technical custodian of Sophos environments, helping to maintain a strong security posture while supporting business operations.

• Manage and administer the Sophos Central platform and all associated components, including Endpoint Protection, Intercept X, Server Protection, Email Security, and Sophos Firewalls (XGS or equivalent).
• Monitor security alerts, investigate incidents, analyse malware infections or intrusion attempts, and execute timely remediation actions.
• Design, configure, and maintain Sophos Firewall policies, including firewall rules, VPN (site-to-site and remote access), web/application filtering, QoS, NAT, and reporting.
• Implement and enforce security policies for endpoints, servers, networks, and users across Windows, Linux, and macOS environments.
• Perform regular system updates, patching, health checks, and backups of Sophos configurations and policies.
• Generate and review security reports on threat landscape, protection status, and compliance metrics for management and stakeholders.
• Troubleshoot complex technical issues related to Sophos products and coordinate with Sophos Support or vendors when necessary.
• Ensure seamless integration of Sophos solutions with existing infrastructure such as Active Directory, Microsoft 365, SIEM tools, and other security platforms.
• Participate in vulnerability management, patch management, and incident response processes.
• Document configurations, processes, and changes; provide training and knowledge transfer to IT teams and end users where required.
• Support on-call or after-hours requirements as part of a rotational schedule (where applicable).

• Grade 12
• Bachelor’s degree (or equivalent) in Computer Science, Information Technology, Cybersecurity, or a related field will be advantageous
• Relevant industry certifications are highly advantageous, including:
• Sophos Certified Engineer (Firewall or Central Endpoint)
• Sophos Firewall Architect (preferred for senior roles)
• CompTIA Security+, Network+, or equivalent
• CCNA, CEH, or other cybersecurity/networking certifications
• Strong understanding of networking fundamentals (TCP/IP, DNS, DHCP, VLANs, routing, VPN technologies) and cybersecurity principles.
• Driver’s License

• 5 – 6 years of hands-on experience in IT security, network administration, or cybersecurity operations.
• Minimum 3 years of practical experience specifically with Sophos products (Sophos Central, XGS Firewall, Intercept X, Endpoint Protection) in a production environment.
• Proven experience in configuring and troubleshooting Sophos Firewalls, including advanced features such as IPS, application control, web/email protection, and remote access VPN.
• Solid background working with Windows, Linux, and macOS environments, as well as integration with enterprise directory services (Active Directory / Entra ID).
• Experience in an MSP, managed security service, or enterprise environment is advantageous.
• Exposure to incident response, threat hunting, and security monitoring tools is beneficial.

• Excellent problem-solving and critical-thinking abilities.
• Strong customer service orientation with clear communication skills (verbal and written). (English & Afrikaans)
• Ability to work independently, manage priorities, and adapt to varied environments.
• Willingness to participate in on-call/emergency response.