
Technical Security Engineer

Kampala, Uganda

The Technical Security Engineer will serve as the technical backbone of CPS Uganda's security practice, responsible for architecting, deploying, and operationalizing security solutions that protect client environments across cloud infrastructure, endpoints, identities, and data. The role demands deep hands-on expertise across Microsoft's security stack — including Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Entra ID — as well as complementary platforms such as Sophos, Acronis, and Veeam.

As the primary technical authority on security engagements, you will assess client environments, identify vulnerabilities, design fit-for-purpose security architectures, and lead implementation from scoping through to go-live. You will work across SMB, SMC, and Enterprise environments, engaging directly with IT teams and security leadership to strengthen security posture, ensure compliance, and build long-term cyber resilience.


Customer Relationship
Technical Expertise
Multi-stakeholder  
Results-oriented
Challenge conventional thinking

Key Responsibilities

1. Security Architecture & Solution Design
  • Assess client security environments and design end-to-end security architectures tailored to their risk profile, compliance requirements, and infrastructure maturity
  • Architect and implement Zero Trust frameworks, identity and access management (IAM), and data loss prevention (DLP) strategies across Microsoft 365 and Azure environments
  • Design threat protection solutions spanning endpoint, email, identity, cloud workload, and data layers
  • Develop security roadmaps that address immediate vulnerabilities while building toward long-term cyber resilience
  • Translate complex technical findings into structured remediation plans with clear priorities, timelines, and ownership
  • Maintain technical documentation including architecture diagrams, configuration baselines, and solution design records
2. Client Engagement & Technical Advisor
  • Serve as the primary technical point of contact throughout the security engagement lifecycle, from discovery and assessment through deployment and handover
  • Conduct technical workshops, security briefings, and envisioning sessions with IT teams, security leads, CIOs, and CISOs
  • Present security assessment findings, architecture proposals, and risk remediation strategies in clear, business-relevant language
  • Guide clients through security decisions by explaining trade-offs, technical constraints, and recommended approaches
  • Develop technical scoping documents, solution designs, and statements of work that accurately reflect client requirements and engagement complexity
  • Maintain ongoing technical relationships with clients, providing guidance as their environments evolve and new threats emerge
3. Deployment, Configuration & Implementation
  • Hands-on deployment and configuration of security solutions across Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps), Microsoft Sentinel, Purview, and Entra ID
  • Configure SIEM rules, detection policies, alert logic, and automated response playbooks within Microsoft Sentinel
  • Implement endpoint protection, vulnerability management, and device compliance policies via Microsoft Intune and Defender for Endpoint
  • Deploy and configure data protection solutions including Microsoft Purview Information Protection, DLP policies, and insider risk management turnaround of proposals and quotations
  • Implement Sophos, Acronis, and Veeam solutions for endpoint security, backup, and disaster recovery in accordance with client requirements
  • Validate deployments through functional testing, security reviews, and post-implementation health checks
4. Incident Response & Threat Management
  • Monitor client environments for threats, anomalies, and policy violations using SIEM, EDR, and cloud security tooling
  • Lead investigation and containment of security incidents, working methodically through triage, analysis, containment, eradication, and recovery
  • Conduct root cause analysis following incidents and produce structured post-incident reports with clear remediation actions
  • Develop and maintain security playbooks, escalation procedures, and incident response documentation
  • Perform proactive threat hunting activities to identify indicators of compromise before they escalate
  • Support clients in building internal incident response capability through knowledge transfer and documentation
5. Compliance, Vulnerability Management & Security Assurance
  • Assess client environments against relevant compliance frameworks including ISO 27001, NIST CSF, CIS Controls, GDPR, and applicable local data protection regulations
  • Conduct regular vulnerability assessments, configuration reviews, and security posture evaluations
  • Identify and prioritize remediation actions based on risk severity, exploitability, and business impact
  • Support internal and external audit processes by providing technical evidence, configuration documentation, and security control mappings
  • Implement and validate security hardening benchmarks across operating systems, cloud workloads, and network infrastructure
  • Track remediation progress and provide clients with regular security posture reporting
6. Continuous Improvement & Technical Development
  • Stay current with the evolving threat landscape, emerging attack techniques, and security vendor roadmaps
  • Contribute to the development of CPS Uganda's internal security practice, including technical playbooks, configuration standards, and delivery frameworks
  • Share knowledge across the technical team through internal documentation, peer reviews, and informal training
  • Participate in security community engagements, Microsoft technical programs, and relevant industry forums
  • Identify opportunities to improve security delivery efficiency, tooling, and client outcomes based on lessons learned across engagements
  • Drive accountability for underperforming territories, accounts, or market segments through corrective action plans

Requirements


  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or Engineering (Computer, Software, Electrical, or Telecommunications)
  • A degree in a related technical field is acceptable when combined with strong hands-on experience in cybersecurity or cloud security operations
  • Minimum of 3 years of hands-on experience in a cybersecurity, cloud security, or IT security operations role
  • Demonstrable experience deploying and managing Microsoft security solutions in live client or production environments
  • Strong analytical and problem-solving skills with the ability to work methodically under pressure
  • Clear written and verbal communication skills, able to document technical work accurately and explain findings to non-technical stakeholders
  • Ability to manage multiple concurrent engagements and prioritize effectively



Mandatory Skills & Certifications


Proven hands-on experience deploying Microsoft Defender, Microsoft Sentinel, Purview, and Entra ID in enterprise or mid-market environments  

Demonstrated ability to conduct security assessments, vulnerability reviews, and threat investigations

Working knowledge of at least one compliance framework: ISO 27001, NIST CSF, CIS Controls, or equivalent



Added Advantage Certifications


AZ-500 (Microsoft Azure Security Engineer)

SC-300 (Microsoft Identity & Access Administrator)

MS-500 (Microsoft 365 Security Administrator)

CompTIA Security+ or CEH (Certified Ethical Hacker)

Sophos Certified Engineer or Architect

ISO 27001 Lead Implementer or Lead Auditor

Experience delivering managed security services in a partner or MSSP environment will be a strong advantage

SC-900 (Microsoft Security, Compliance & Identity Fundamentals): minimum baseline

SC-200 (Microsoft Security Operations Analyst): mandatory for candidates with 2+ years of experience