About this role
ROLE OVERVIEW

At Insyghts Security, we believe that the strongest cybersecurity professionals are those who deeply understand the infrastructure they protect. This is a purposefully broad, growth-oriented role designed for a driven individual who wants to build a holistic career across infrastructure engineering, cybersecurity engineering, and security operations — all within a single, evolving position.

You will begin by taking ownership of core infrastructure and network engineering responsibilities, providing you with an intimate understanding of how client environments are built and how they function. As you grow in confidence and expertise, your scope will naturally expand to include cybersecurity engineering — designing and operating security controls — and security operations work such as threat monitoring, incident triage, and detection. These disciplines are not sequential checkboxes; at Insyghts Security, you are expected to develop them concurrently as the business and your capabilities grow.

This role is ideal for a technically curious, self-driven professional who is excited by variety, thrives in a lean team environment, and wants to be genuinely multi-skilled rather than narrowly specialised. The career path ahead is clear and well-supported — from junior engineer through to senior specialist and, for those with the drive, leadership opportunities as the company scales.

CAREER PROGRESSION FRAMEWORK

This role is structured around four career tiers. Advancement is driven by demonstrated competency across all three disciplines — infrastructure, security engineering, and security operations — not by time served alone. Tiers 1 and 2 may overlap and develop concurrently; this is by design.
Tier: Tier 1
Title: Junior Security & Infra Engineer
Experience: 0 – 2 yrs
Primary Focus: Infrastructure build, network config, system administration
Expanded Scope: Alert monitoring, SOC support, basic incident triage

Tier: Tier 2
Title: Security & Infrastructure Engineer
Experience: 2 – 4 yrs
Primary Focus: Infra management + security tool deployment & tuning
Expanded Scope: Vulnerability management, threat detection, incident response

Tier: Tier 3
Title: Senior Security & Infra Engineer
Experience: 4 – 6 yrs
Primary Focus: Security architecture, advanced engineering, client delivery
Expanded Scope: SOC lead support, threat hunting, mentoring junior staff

Tier: Tier 4
Title: Lead / Principal Engineer
Experience: 6+ yrs
Primary Focus: Technical leadership, solution design, cross-team oversight
Expanded Scope: Strategic input, pre-sales support, practice development

KEY RESPONSIBILITIES

A | Infrastructure & Network Engineering

Core responsibilities from day one. These form the technical foundation from which security responsibilities expand.
• Design, deploy, and maintain LAN/WAN, SD-WAN, VPN, and network switching infrastructure for internal and client environments
• Configure and manage NGFW platforms (Palo Alto, Fortinet, Cisco ASA/FTD), IDS/IPS, load balancers, and access control systems
• Administer on-premises servers, virtualisation platforms (VMware/Hyper-V/Proxmox), and hybrid/cloud environments (AWS, Azure, GCP)
• Implement network segmentation, VLAN design, Zero Trust architecture principles, and least-privilege access models
• Manage identity and access control infrastructure including Active Directory, RADIUS, MFA, and SSO solutions
• Conduct routine health checks, capacity planning, patch management, and performance optimisation of infrastructure components
• Maintain accurate and up-to-date network diagrams, run books, and technical documentation for all managed environments
• Ensure infrastructure uptime SLAs are met for managed service clients and contribute to BCP/DR planning and testing
• Provide L2/L3 technical support for infrastructure-related incidents and conduct root cause analysis

B | Cybersecurity Engineering

Responsibilities that develop from Tier 1 and become primary focus areas from Tier 2 onward.
• Deploy, configure, and tune security technologies including SIEM, EDR/XDR, DLP, PAM, WAF, email security gateways, and endpoint protection platforms
• Develop and maintain SIEM detection rules, correlation logic, and automated response playbooks within SOAR platforms
• Conduct regular vulnerability assessments using scanning tools, track findings, and coordinate remediation with client teams
• Implement and validate security hardening baselines for servers, endpoints, network devices, and cloud workloads
• Support cloud security posture management (CSPM) — assessing misconfigurations and enforcing security controls across AWS, Azure, and GCP
• Integrate security tooling with network infrastructure (log forwarding, SIEM connectors, NetFlow, syslog pipelines)
• Evaluate new security products and technologies and provide technical recommendations to leadership
• Participate in penetration testing engagements and red/blue team exercises to validate control effectiveness
• Participate in leveraging AI, LLMs, and agentic AI to perform cybersecurity tasks and/or participate in the development of AI solutions and tools

C | Security Operations (SOC)

Operational security responsibilities that run concurrently with Sections A and B, scaling in depth with career tier.
• Monitor security events and alerts across client environments using SIEM, EDR, and network security platforms
• Triage, investigate, and escalate security alerts — distinguishing genuine threats from false positives with speed and accuracy
• Execute incident response procedures including initial containment, evidence preservation, root cause analysis, and client communication
• Investigate phishing attempts, malware infections, lateral movement, and other common threat scenarios
• Document security events and incidents with clear, accurate records in the ticketing system and produce client-facing incident reports
• Apply threat intelligence (IoCs, TTPs) to enrich alert context and proactively hunt for threats within client environments
• Tune alert thresholds and SIEM rules to improve detection accuracy and reduce alert fatigue over time
• Contribute to post-incident reviews and ongoing improvement of SOC playbooks and response procedures

TECHNICAL SKILLS & KNOWLEDGE

Candidates are not expected to be proficient in every area on day one. We look for a strong foundation in infrastructure/networking and demonstrated interest or exposure to security tooling and operations.
• Networking: TCP/IP, BGP, OSPF, MPLS, SD-WAN, VLANs, QoS, DNS, DHCP, 802.1X
• Firewall & Network Security: Palo Alto (NGFW/Panorama), Fortinet FortiGate, Cisco ASA/FTD, Juniper SRX, IDS/IPS
• Cloud: AWS (VPC, EC2, Security Groups, IAM), Azure (VNet, NSG, Azure Firewall, Defender), basic GCP
• Virtualisation: VMware vSphere/ESXi, Microsoft Hyper-V, Proxmox
• Operating Systems: Linux (Ubuntu/RHEL) administration, Windows Server 2019/2022
• SIEM & SOC Tools: Microsoft Sentinel, Splunk, IBM QRadar, Elastic SIEM (any one platform)
• EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne
• Vulnerability Management: Nessus, Qualys, OpenVAS, or equivalent scanning tools
• Threat Intelligence: MITRE ATT&CK framework, VirusTotal, IoC feeds, MISP
• Monitoring: SolarWinds, PRTG, Zabbix, Grafana, or equivalent
• Frameworks & Standards: NIST CSF, CIS Controls v8, ISO 27001 concepts
• Scripting & Automation (Advantageous): Python, PowerShell, Bash, Ansible, or Terraform
• AI and Agentic AI: ChatGPT, Claude, Perplexity, Gemini

COMPETENCIES & SOFT SKILLS

• Self-motivated and genuinely curious — you read security blogs, follow threat feeds, and learn without being told to
• Methodical and detail-oriented in infrastructure changes, documentation, and incident handling
• Strong analytical thinking — comfortable connecting disparate data points to form a clear picture
• Calm under pressure; able to prioritise and respond effectively during live security incidents
• Clear communicator — able to explain technical findings to both technical peers and non-technical client stakeholders
• Collaborative and willing to support teammates across both infrastructure and security functions
• Adaptable — you embrace wearing multiple hats and see breadth as a career advantage, not a burden

EDUCATION & EXPERIENCE

Education: Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, Network Engineering, or a related discipline.
Diploma holders with strong hands-on experience and relevant certifications are equally encouraged to apply. We value demonstrated capability over pedigree.

Experience: 0–2 years for Tier 1 entry; 2–4 years for mid-level placement. Candidates with exposure to any combination of network engineering, system administration, security operations, or cybersecurity tooling are welcome. Hands-on lab work, home lab experience, CTF participation, or internships are all considered relevant experience.

PREFERRED CERTIFICATIONS

Certifications listed below span all three disciplines. Candidates are not expected to hold all of these — relevant certifications to your tier and focus area are sufficient. Insyghts Security fully sponsors certifications as part of your development plan.

• CompTIA Network+
• CompTIA Security+
• CCNA
• Fortinet NSE 4+
• Palo Alto PCNSA
• CompTIA CySA+
• Microsoft SC-200
• AWS Solutions Arch.
• CEH
• Azure Admin (AZ-104)
• OSCP (Senior)
• GIAC GSEC / GCIA

WHY JOIN INSYGHTS SECURITY?

• A rare opportunity to build multi-disciplinary expertise across infrastructure, security engineering, AND security operations — all in one role
• Structured career progression from Junior Engineer through to Senior and Lead levels, with clear milestones and genuine support
• Fully sponsored professional certifications — we invest in your growth because your growth is our growth
• Exposure to real, diverse client environments across government, financial services, healthcare, and enterprise sectors
• Work alongside experienced security professionals who mentor and share knowledge openly
• Competitive salary package that grows with your tier progression
• A lean, collaborative team where your contributions are visible, valued, and impactful from day one
• Flexible hybrid working arrangements and a leadership team that genuinely cares about work-life balance