ROLE OVERVIEW At Insyghts Security, we believe that the strongest cybersecurity professionals are those who deeply understand the infrastructure they protect. This is a purposefully broad, growth-oriented role designed for a driven individual who wants to build a holistic career across infrastructure engineering, cybersecurity engineering, and security operations — all within a single, evolving position. You will begin by taking ownership of core infrastructure and network engineering responsibilities, providing you with an intimate understanding of how client environments are built and how they function. As you grow in confidence and expertise, your scope will naturally expand to include cybersecurity engineering — designing and operating security controls — and security operations work such as threat monitoring, incident triage, and detection. These disciplines are not sequential checkboxes; at Insyghts Security, you are expected to develop them concurrently as the business and your capabilities grow. This role is ideal for a technically curious, self-driven professional who is excited by variety, thrives in a lean team environment, and wants to be genuinely multi-skilled rather than narrowly specialised. The career path ahead is clear and well-supported — from junior engineer through to senior specialist and, for those with the drive, leadership opportunities as the company scales. CAREER PROGRESSION FRAMEWORK This role is structured around four career tiers. Advancement is driven by demonstrated competency across all three disciplines — infrastructure, security engineering, and security operations — not by time served alone. Tiers 1 and 2 may overlap and develop concurrently; this is by design. Tier: Tier 1 Title: Junior Security & Infra Engineer Experience: 0 – 2 yrs Primary Focus: Infrastructure build, network config, system administration Expanded Scope: Alert monitoring, SOC support, basic incident triage Tier: Tier 2 Title: Security & Infrastructure Engineer Experience: 2 – 4 yrs Primary Focus: Infra management + security tool deployment & tuning Expanded Scope: Vulnerability management, threat detection, incident response Tier: Tier 3 Title: Senior Security & Infra Engineer Experience: 4 – 6 yrs Primary Focus: Security architecture, advanced engineering, client delivery Expanded Scope: SOC lead support, threat hunting, mentoring junior staff Tier: Tier 4 Title: Lead / Principal Engineer Experience: 6+ yrs Primary Focus: Technical leadership, solution design, cross-team oversight Expanded Scope: Strategic input, pre-sales support, practice development KEY RESPONSIBILITIES A | Infrastructure & Network Engineering Core responsibilities from day one. These form the technical foundation from which security responsibilities expand. • Design, deploy, and maintain LAN/WAN, SD-WAN, VPN, and network switching infrastructure for internal and client environments • Configure and manage NGFW platforms (Palo Alto, Fortinet, Cisco ASA/FTD), IDS/IPS, load balancers, and access control systems • Administer on-premises servers, virtualisation platforms (VMware/Hyper-V/Proxmox), and hybrid/cloud environments (AWS, Azure, GCP) • Implement network segmentation, VLAN design, Zero Trust architecture principles, and least-privilege access models • Manage identity and access control infrastructure including Active Directory, RADIUS, MFA, and SSO solutions • Conduct routine health checks, capacity planning, patch management, and performance optimisation of infrastructure components • Maintain accurate and up-to-date network diagrams, run books, and technical documentation for all managed environments • Ensure infrastructure uptime SLAs are met for managed service clients and contribute to BCP/DR planning and testing • Provide L2/L3 technical support for infrastructure-related incidents and conduct root cause analysis B | Cybersecurity Engineering Responsibilities that develop from Tier 1 and become primary focus areas from Tier 2 onward. • Deploy, configure, and tune security technologies including SIEM, EDR/XDR, DLP, PAM, WAF, email security gateways, and endpoint protection platforms • Develop and maintain SIEM detection rules, correlation logic, and automated response playbooks withinSOAR platforms • Conduct regular vulnerability assessments using scanning tools, track findings, and coordinate remediation with client teams • Implement and validate security hardening baselines for servers, endpoints, network devices, and cloud w…