Lead Engineer

Job Description

The Lead Engineer is the senior operational engineer and shift lead, responsible for the stability, performance, and lifecycle management of client security devices/services across the Managed Protect portfolio.

This role requires high technical depth in platform operations, strong troubleshooting capability, and the ability to lead shift activities with quality and confidence.

Lead engineers are device/service specialists, not security analysts. Their focus is on operational excellence, not threat analysis or risk advisory. applicants must demonstrate and document expert-level hands-on skills in at least one major vendor/platform family, with strong cross-platform awareness to operate within a multi-vendor environment.

Responsibilities

• Shift Management & Leadership
• Operational Leadership & Shift Command
• Serve as Shift Lead, ensuring operational continuity and quality.
• Guide L0-L2 engineers through task planning, prioritisation, troubleshooting support, and mentoring.
• Conduct clear and structured shift handovers, including change windows, active incidents, risks, and pending tasks.
• Ensure compliance with SOPs, SLAs, documentation standards, and escalation procedures.
• Deep Technical Troubleshooting & Fault Isolation
• L3 engineers are expected to perform complex, root-cause-level analysis using advanced techniques:
• Packet captures, session analysis, and flow correlation
• CLI/API-level debugging
• Diagnosing routing, NAT, HA, platform behaviour, load issues, and access failures
• Configuration, Health Checks & Lifecycle Execution
  
  

Aligned to Managed Protect's standard service lifecycle (Onboarding Change Management Audit Migration Offboarding):

• Review and execute advanced configuration changes
• Validate changes from L1/L2 before implementation
• Incident Handling & Escalation Management
• Act as the highest in-shift technical escalation point
• Lead incident bridges for device/service outages
• Provide technical updates focused on operational status (not security threat intelligence)
• Drive restoration efforts, workarounds, and stable recovery
• Documentation & Continuous Improvement
• Produce clear, structured documentation for all activities
• Maintain SOPs, runbooks, troubleshooting guides, and configuration templates
• Identify recurring operational issues and recommend improvements or automation
• Promote engineering discipline and consistency across the team
• Escalations & Incident Management
• Act as the highest point of escalation within the shift.
• Lead incident bridges for major outages or customer-impacting events.
• Perform deep RCA (Root Cause Analysis) on demand.
• Validate changes before implementation and approve complex technical changes.
• Continuous Improvement & Documentation
• Regularly audit configurations, improve security posture, and optimise performance.
• Develop and maintain high-quality documentation, workflows, and runbooks.
• Lead initiatives for automation, monitoring improvements, and process optimisation.
  
  

About SHQ

SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage solutions that do three things: Promote clarity and trust in a complex world. Build momentum around improving security posture. And increase the value of cybersecurity investment within organizations. Free from limitations, and inclusive of all requirements, we focus on defending today, while mitigating the risks of tomorrow. And into the future. Our solutions are tailored to our customers and their unique context. Around the clock, 365 days per year, our customers are never alone. SecurityHQ We're focused on engineering cybersecurity, by design.

Job Reference Number

IN014

Essential Skill

Troubleshooting Techniques

• Packet capture and deep session analysis
• Application traffic-path validation
• Flow/NetFlow/IPFIX correlation
• SSL/TLS handshake debugging
• Routing and switching diagnostics (L2/L3)
• HA/failover interpretation
• Logging and event correlation
• Policy troubleshooting (security, NAT, application, routing)
  
  

Configuration & Lifecycle Techniques

• Vendor best-practice configuration standards
• Structured, readable, least-privilege configurations
• Segmentation and access-control architectures
• Firmware/upgrade handling and rollback strategies
• Migration and cutover planning/execution
  
  

Education & Experiences

Education

Any Graduate

Experience Requirements

510 years in Network & Security Engineering roles.

23 years as a senior escalation or team lead in a Managed Services or MSSP environment preferred.

Proven ability to manage complex platform issues and major incidents

Experience across multiple technologies (firewalls, SASE/ZTNA, PAM, switching, ADC etc.)

Certifications (Preferred But Not Required)

Focused on platform operations, not broad cybersecurity:

• Vendor engineer-level certifications (any major platform)
• Technical networking/security certifications (Network+, CCNP, etc.)
• Platform-specific SASE/PAM certifications