Network Security Specialist

Recruiter

Gijima Holdings

Job Ref

HR000261/EV

Date posted

Tuesday, June 9, 2026

Location

Midrand, South Africa

SUMMARY

PURPOSE

We are looking for a seasoned Network Security Engineer to join our enterprise security team. You will own the design, implementation, and deep troubleshooting of our security infrastructure — from next generation firewalls and WAFs through to IPS, NDR platforms, and our evolving Zero Trust framework. This is a hands-on technical role for someone who is as comfortable in the CLI as they are drawing architecture diagrams.

You will be a key voice in our shift to a perimeter-less security model, advising the business, mentoring junior engineers, and staying ahead of the threat landscape.

POSITION INFO

FORMAL EDUCATION: Grade 12 Information Technology or related field required EXPERIENCE: +5 years' technical experience in deployment of NGFW platforms (Palo Alto, Fortinet, Checkpoint) + 5 years' experience in Technical Information Security positions Alignment and experience with good practices essential (NIST, ISO27001 or equivalent) Practical experience in development of policy and standards Network-based security experience is essential Strong understanding of Zero Trust frameworks (NIST 800-207, ZTNA) Solid networking fundamentals - BGP, OSPF, VXLan, SD-WAN, TLS inspection Deception technology or honeypot deployment experience Standards-based architecture with an understanding of how to implement, including compliance monitoring and enforceability TECHNICAL / LEGAL CERTIFICATION: Security Certifications in either Tufin, Firemon, Skybox, Algosec (optional) ITIL foundation certificate (optional) Fortinet NSE 7 certification (mandatory) Fortinet NSE 6 WAF & Forti Authenticator (mandatory) Checkpoint Firewall/Palo Alto Firewall Certification (mandatory) Mimecast or equivalent certification (optional) RESPONSIBILITIES: Design and maintain Zero Trust network architecture across hybrid and multi-cloud environments Configure, tune, and deeply troubleshoot NGFW platforms (Palo Alto, Fortinet, Check Point, or equivalent) Manage and optimise WAF rulesets, signatures, and custom policies to protect web-facing assets Operate and tune IPS sensors - analyse alerts, reduce false positives, and lead incident response Deploy and maintain NDR solutions (e.g. Darktrace, LinkShadow or similar) for east-west traffic visibility Drive micro-segmentation, identity-aware access, and least-privilege network policies Assist analysts with configuration analysis reports and remediation actions Create and maintain configuration baselines for all network platform systems Develop and implement information network and security plans and policies Develop strategies to respond to and recover from a security breach Develop or implement tools to assist in detection, prevention, and analysis of security threats Investigate security breaches. Lead incident response, including steps to minimize the impact and then conducting a technical investigation into how the breach happened and the extent of the damage JOB REQUIREMENTS: KNOWLEDGE: Knowledge of network configuration auditing tools (e.g. Tufin, Firemon, Skybox, Algosec) Knowledge of CIS and other standards (e.g NIST) for network equipment 6+ years in network security engineering roles Knowledge of Wireless configuration best practices Hands-on mastery of at least one enterprise NGFW platform at depth (not just policy changes) Email Gateway Security experience eg. Mimecast or equivalent SASE experience eg. Zscaler or equivalent SKILLS: Advanced communication skills (report writing, email and presentation) Advanced Problem-solving skills Advanced Customer orientation Functional coaching skills Proven WAF experience - OWASP Top 10, custom rule development, bot management KEY COMPENTENCIES: Essential Adhering to Principles and Values Delivering Results and Meeting Customer Expectations Deciding and Initiating Action Planning and Organising Self-driven A Evaluate and onboard new security tooling - presenting business cases and ROI to leadership Writing and Reporting Desirable Exposure to OT/ICS network security Scripting ability for automation (Python, Ansible, or Terraform) Coping with Pressures and Setbacks Experience in cloud environments (AWS/Azure/GCP security constructs) Achieving Personal Work Goals and Objectives Following Instructions and Procedures Learning and Researching