Cloud Productivity Solutions
The Technical Security Engineer will serve as the technical backbone of CPS Uganda’s security practice, responsible for architecting, deploying, and operationalizing security solutions that protect client environments across cloud infrastructure, endpoints, identities, and data. The role demands deep hands-on expertise across Microsoft’s security stack — including Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Entra ID — as well as complementary platforms such as Sophos, Acronis, and Veeam.
As the primary technical authority on security engagements, you will assess client environments, identify vulnerabilities, design fit-for-purpose security architectures, and lead implementation from scoping through to go-live. You will work across SMB, SMC, and Enterprise environments, engaging directly with IT teams and security leadership to strengthen security posture, ensure compliance, and build long-term cyber resilience.
Key Responsibilities
1. Security Architecture & Solution Design
Assess client security environments and design end-to-end security architectures tailored to their risk profile, compliance requirements, and infrastructure maturity
Architect and implement Zero Trust frameworks, identity and access management (IAM), and data loss prevention (DLP) strategies across Microsoft 365 and Azure environments
Design threat protection solutions spanning endpoint, email, identity, cloud workload, and data layers
Develop security roadmaps that address immediate vulnerabilities while building toward long-term cyber resilience
Translate complex technical findings into structured remediation plans with clear priorities, timelines, and ownership
Maintain technical documentation including architecture diagrams, configuration baselines, and solution design records
2. Client Engagement & Technical Advisor
Serve as the primary technical point of contact throughout the security engagement lifecycle, from discovery and assessment through deployment and handover
Conduct technical workshops, security briefings, and envisioning sessions with IT teams, security leads, CIOs, and CISOs
Present security assessment findings, architecture proposals, and risk remediation strategies in clear, business-relevant language
Guide clients through security decisions by explaining trade-offs, technical constraints, and recommended approaches
Develop technical scoping documents, solution designs, and statements of work that accurately reflect client requirements and engagement complexity
Maintain ongoing technical relationships with clients, providing guidance as their environments evolve and new threats emerge
3. Deployment, Configuration & Implementation
Hands-on deployment and configuration of security solutions across Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps), Microsoft Sentinel, Purview, and Entra ID
Configure SIEM rules, detection policies, alert logic, and automated response playbooks within Microsoft Sentinel
Implement endpoint protection, vulnerability management, and device compliance policies via Microsoft Intune and Defender for Endpoint
Deploy and configure data protection solutions including Microsoft Purview Information Protection, DLP policies, and insider risk management
Implement Sophos, Acronis, and Veeam solutions for endpoint security, backup, and disaster recovery in accordance with client requirements
Validate deployments through functional testing, security reviews, and post-implementation health checks
4. Incident Response & Threat Management
Monitor client environments for threats, anomalies, and policy violations using SIEM, EDR, and cloud security tooling
Lead investigation and containment of security incidents, working methodically through triage, analysis, containment, eradication, and recovery
Conduct root cause analysis following incidents and produce structured post-incident reports with clear remediation actions
Develop and maintain security playbooks, escalation procedures, and incident response documentation
Perform proactive threat hunting activities to identify indicators of compromise before they escalate
Support clients in building internal incident response capability through knowledge transfer and documentation
5. Compliance, Vulnerability Management & Security Assurance
Assess client environments against relevant compliance frameworks including ISO 27001, NIST CSF, CIS Controls, GDPR, and applicable local data protection regulations
Conduct regular vulnerability assessments, configuration reviews, and security posture evaluations
Identify and prioritize remediation actions based on risk severity, exploitability, and business impact
Support internal and external audit processes by providing technical evidence, configuration documentation, and security control mappings
Implement and validate security hardening benchmarks across operating systems, cloud workloads, and network infrastructure
Track remediation progress and provide clients with regular security posture reporting
6. Continuous Improvement & Technical Development
Stay current with the evolving threat landscape, emerging attack techniques, and security vendor roadmaps
Contribute to the development of CPS Uganda’s internal security practice, including technical playbooks, configuration standards, and delivery frameworks
Share knowledge across the technical team through internal documentation, peer reviews, and informal training
Participate in security community engagements, Microsoft technical programs, and relevant industry forums
Identify opportunities to improve security delivery efficiency, tooling, and client outcomes based on lessons learned across engagements
Drive accountability for underperforming territories, accounts, or market segments through corrective action plans
Requirements
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or Engineering (Computer, Software, Electrical, or Telecommunications)
A degree in a related technical field is acceptable when combined with strong hands-on experience in cybersecurity or cloud security operations
Minimum of 3 years of hands-on experience in a cybersecurity, cloud security, or IT security operations role
Demonstrable experience deploying and managing Microsoft security solutions in live client or production environments
Strong analytical and problem-solving skills with the ability to work methodically under pressure
Clear written and verbal communication skills, able to document technical work accurately and explain findings to non-technical stakeholders
Ability to manage multiple concurrent engagements and prioritize effectively
Mandatory Skills & Certifications
Proven hands-on experience deploying Microsoft Defender, Microsoft Sentinel, Purview, and Entra ID in enterprise or mid-market environments
Demonstrated ability to conduct security assessments, vulnerability reviews, and threat investigations
Working knowledge of at least one compliance framework: ISO 27001, NIST CSF, CIS Controls, or equivalent
Added Advantage Certifications
AZ-500 (Microsoft Azure Security Engineer)
SC-300 (Microsoft Identity & Access Administrator)
MS-500 (Microsoft 365 Security Administrator)
CompTIA Security+ or CEH (Certified Ethical Hacker)
Sophos Certified Engineer or Architect
ISO 27001 Lead Implementer or Lead Auditor
Experience delivering managed security services in a partner or MSSP environment will be a strong advantage
SC-900 (Microsoft Security, Compliance & Identity Fundamentals): minimum baseline
SC-200 (Microsoft Security Operations Analyst): mandatory for candidates with 2+ years of experience