The Lead Engineer is the senior operational engineer and shift lead, responsible for the stability, performance, and lifecycle management of client security devices/services across the Managed Protect portfolio.
This role requires high technical depth in platform operations, strong troubleshooting capability, and the ability to lead shift activities with quality and confidence.
Lead engineers are device/service specialists, not security analysts. Their focus is on operational excellence, not threat analysis or risk advisory. Applicants must demonstrate and document expert-level hands-on skills in at least one major vendor/platform family, with strong cross-platform awareness to operate within a multi-vendor environment.
Responsibilities:
Shift Management & Leadership
Operational Leadership & Shift Command
Serve as Shift Lead, ensuring operational continuity and quality.
Guide L0-L2 engineers through task planning, prioritisation, troubleshooting support, and mentoring.
Conduct clear and structured shift handovers, including change windows, active incidents, risks, and pending tasks.
Ensure compliance with SOPs, SLAs, documentation standards, and escalation procedures.
Deep Technical Troubleshooting & Fault Isolation
L3 engineers are expected to perform complex, root-cause-level analysis using advanced techniques:
Packet captures, session analysis, and flow correlation
CLI/API-level debugging
Diagnosing routing, NAT, HA, platform behaviour, load issues, and access failures
Configuration, Health Checks & Lifecycle Execution
Aligned to Managed Protect's standard service lifecycle (Onboarding → Change Management → Audit → Migration → Offboarding):
Review and execute advanced configuration changes
Validate changes from L1/L2 before implementation
Incident Handling & Escalation Management
Act as the highest in-shift technical escalation point
Lead incident bridges for device/service outages
Provide technical updates focused on operational status (not security threat intelligence)
Drive restoration efforts, workarounds, and stable recovery
Documentation & Continuous Improvement
Produce clear, structured documentation for all activities
Maintain SOPs, runbooks, troubleshooting guides, and configuration templates
Identify recurring operational issues and recommend improvements or automation
Promote engineering discipline and consistency across the team
Escalations & Incident Management
Act as the highest point of escalation within the shift.
Lead incident bridges for major outages or customer-impacting events.
Perform deep RCA (Root Cause Analysis) on demand.
Validate changes before implementation and approve complex technical changes.
Continuous Improvement & Documentation
Regularly audit configurations, improve security posture, and optimise performance.
Develop and maintain high-quality documentation, workflows, and runbooks.
Lead initiatives for automation, monitoring improvements, and process optimisation.
About SHQ:
SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone. SecurityHQ - We're focused on engineering cybersecurity, by design.
Job Reference Number
IN014
Essential Skill:
Troubleshooting Techniques
Packet capture and deep session analysis
Application traffic-path validation
Flow/NetFlow/IPFIX correlation
SSL/TLS handshake debugging
Routing and switching diagnostics (L2/L3)
HA/failover interpretation
Logging and event correlation
Policy troubleshooting (security, NAT, application, routing)
Configuration & Lifecycle Techniques
Vendor best-practice configuration standards
Structured, readable, least-privilege configurations
Segmentation and access-control architectures
Firmware/upgrade handling and rollback strategies
Migration and cutover planning/execution
Education & Experiences:
Education
Any Graduate
Experience Requirements
5-10 years in Network & Security Engineering roles.
2-3 years as a senior escalation or team lead in a Managed Services or MSSP environment preferred.
Proven ability to manage complex platform issues and major incidents
Experience across multiple technologies (firewalls, SASE/ZTNA, PAM, switching, ADC etc.)
Certifications (Preferred but not required)
Focused on platform operations, not broad cybersecurity: