62 Application Security jobs in South Africa
Application Security Engineer
Posted today
Job Viewed
Job Description
Who we are
We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.
Job summary
As an Application Security Engineer within our cybersecurity team, you will help safeguard the company's web applications and services by supporting the integration of security practices into the Software Development Life Cycle (SDLC). You will collaborate with development, DevOps, and security teams to identify, assess, and remediate vulnerabilities, contribute to secure coding practices, and assist in implementing DevSecOps tooling and processes. This role is ideal for someone with a strong technical foundation who is eager to grow within the product/application security space
What you will do
- Support the integration of security controls and best practices across various phases of the SDLC.
- Assist in security assessments, including static and dynamic code analysis, open-source dependency analysis, and limited penetration testing.
- Participate in manual and automated code reviews to identify potential vulnerabilities and coding flaws.
- Collaborate with software engineers to promote secure development practices, including the use of security testing tools in CI/CD pipelines.
- Contribute to the evaluation, deployment, and tuning of DevSecOps tools such as SAST, DAST, and SCA platforms.
- Help maintain secure deployment workflows and support security automation efforts.
- Participate in cross-functional security reviews of new features and systems with guidance from senior engineers.
- Stay up to date on current security threats, vulnerabilities, and best practices in application security.
- Assist with triaging vulnerabilities from internal scans, bug bounty submissions, or external assessments.
- Document processes and playbooks to support consistent and scalable security practices.
- Provide input to the development of internal security standards and reference architectures.
- Support remediation efforts in collaboration with engineering teams.
- Participate in promoting a security-first culture across the organization.
- Other duties and responsibilities as assigned.
What you will have
- Bachelor's degree in computer science, cybersecurity, or a related technical field (essential)
- 4+ years of experience in cybersecurity, software engineering, or DevOps, with at least 1–2 years focused on application or product security (strongly preferred).
- Familiarity with DevSecOps tools (SAST, DAST, SCA) and secure SDLC methodologies (essential)
- Solid understanding of common web application vulnerabilities (e.g., OWASP Top 10, CWE) and remediation strategies.
- Experience with programming/scripting languages such as Python, JavaScript, or Java.
- Ability to analyze code and spot security issues with guidance.
- Strong communication and collaboration skills.
- Strong attention to detail and willingness to learn new technologies.
Nice to have
- Hands-on experience with CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins).
- Experience contributing to or managing a bug bounty triage process.
- Exposure to cloud platforms such as AWS, Azure, or GCP.
- Familiarity with security standards and frameworks such as NIST, OWASP SAMM, ISO 27001, or PCI DSS.
- Experience working in a regulated environment (e.g., financial services, healthcare, or government).
- Professional certifications such as Security+, CEH, eJPT, or equivalent (OSCP or similar preferred but not required).
Benefits
- Provident Fund
- Medical Aid + Gap Cover
- Employee Assistance Program
- Gym Reimbursement
- Life Insurance
- Disability Insurance
- Sabbatical
__PRESENT
__PRESENT
__PRESENT
__PRESENT
Senior Application Security Engineer
Posted today
Job Viewed
Job Description
Who we are
We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.
Job summary
As a Senior Application Security Engineer specializing in application security and DevSecOps within our cybersecurity team, you will play a crucial role in safeguarding our company's web applications by integrating security practices into the Software Development Life Cycle (SDLC). You will be responsible for the proactive identification, assessment, and mitigation of security vulnerabilities, developing and driving the adoption of DevSecOps practices, and ensuring that security is embedded in all phases of software development.
What you will do
- Lead the integration of security measures into the SDLC, ensuring that all aspects of web application development are secure by design.
- Conduct thorough security assessments and penetration testing for web applications to identify vulnerabilities and security gaps.
- Play an advisory role with software engineering teams in the architectural design of new applications, emphasizing secure architectural patterns and best practices.
- Perform and coordinate manual and automated code reviews.
- Lead threat modeling exercises across engineering teams.
- Collaborate with software development teams to implement DevSecOps practices, providing guidance on secure coding, automated security testing, and continuous monitoring.
- Contribute to internal security tooling development or integration.
- Develop and maintain a secure framework for code deployment, automating security processes where possible to streamline the development workflow.
- Work cross-functionally with various teams, including IT, engineering, operations, and business units, to communicate security policies and procedures effectively.
- Establish and maintain strong relationships with stakeholders, presenting complex security concepts in an accessible manner.
- Stay abreast of the latest security threats, trends, and technologies in web application security and incorporate this knowledge into company practices.
- Assist in the development and enforcement of security policies and procedures, ensuring compliance with industry standards and regulations.
- Assist with managing bug bounty program.
- Develop program documentation to promote operational stability and scalability.
- Support Leadership in defining and executing the roadmap for DevSecOps maturity and secure SDLC initiatives.
- Support governance and compliance teams on secure engineering practices for aligning security policies related to SDLC
- Drive and support security identified remediation efforts.
- Foster and promote a security-forward culture.
- Mentor junior team members.
- Other duties and responsibilities, as assigned.
What you will have
- Bachelor's or master's degree in computer science, cybersecurity, or a related field.
- Professional security certifications such as CISSP, OSCP, CEH, or equivalent are highly desirable.
- 5+ years of experience in cybersecurity, with a focus on web application security and secure SDLC.
- Experience with red team implementation and methodologies.
- Proven track record of working with DevSecOps tools (such as SAST/DAST/SCA) and methodologies.
- Strong understanding of security protocols, cryptography, authentication, authorization, and security vulnerabilities.
- Proficiency with programming/scripting languages such as JavaScript, Python, Java, Bash, PowerShell
- Excellent communication skills with the ability to engage technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities, with a meticulous attention to detail.
- Advanced level of knowledge of Information Security design concepts and principles
Nice to have
- Master's degree in a technical discipline
- Experience working in highly regulated environments.
- Advanced level of knowledge of IT frameworks and standards (NIST, OWASP Top Ten, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust, FedRAMP)
- Certified Information Systems Auditor (CISA)
- AWS Solutions Architect
Benefits
- Provident Fund
- Medical Aid + Gap Cover
- Employee Assistance Program
- Gym Reimbursement
- Life Insurance
- Disability Insurance
- Sabbatical
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
__PRESENT
Application / Platform Security Engineer
Posted today
Job Viewed
Job Description
Design and implement secure architecture for applications and platforms.
Conduct vulnerability assessments, code reviews, and penetration testing.
Collaborate with development and DevOps teams to embed security into CI/CD pipelines.
Monitor and respond to security incidents, ensuring timely resolution and documentation.
Maintain threat models and risk assessments for critical systems.
Support or lead security audits and compliance initiatives (e.g., ISO 27001, SOC 2).
Evaluate and integrate security tools and technologies to enhance platform resilience.
Mentor junior engineers and contribute to security best practices and governance.
For the specialist role - experience in training stakeholders in security measures is required
National Diploma or Degree in ICT
Security Certification* in AWS orMicrosoft or Oracle
Years of experience required - 4(mid-level) to 6(Senior/Specialist) years of experience in Platform/Application Security
Preferred:
Strong understanding of secure coding practices, example - OWASP Top 10, and SDLC.
Hands-on experience with security tools (e.g., SAST, DAST, SIEM, container security).
Familiarity with cloud platforms (AWS, Azure, GCP) and infrastructure-as-code.
Experience with scripting or automation (e.g., Python, Bash, PowerShell).
Knowledge of identity and access management, API security, and secrets management.
Certifications such as CISSP, OSCP, CEH, or equivalent.
Experience with zero trust architecture or runtime protection.
Exposure to Agile/Scrum environments and DevSecOps practices.
Between 3 - 5 Years
Application/Platform Security Engineer
Posted today
Job Viewed
Job Description
DLK Group | Contract
Application/Platform Security Engineer (Specialist)
Cape Town, South Africa | Posted on 09/10/2025
check(event) ; career-website-detail => ,meta)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> check(event)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteColorBtn" lyte-rendered=""> {{getI18n("")}}
Share this job with your network
- openurl(event)">
- openurl(event)">
- openurl(event)">
- openurl(event)">
- openurl(event)">
- copyLink(event)">
- load_list_page(event)"> Job listing
- Job details
Job Information
- Date Opened 09/10/2025
- Job Type Contract
- Industry IT Services
- Work Experience 7-10 years
- Salary Market related salary
- City Cape Town
- Province Western Cape
- Country South Africa
- Postal Code 7400
Job Description
The role of the Specialist Application/Platform Security Engineer is to design and implement security measures for applications and platforms and encompasses many activities including (but not limited to):
- Conducting security assessments and vulnerability testing
- Monitoring and responding to security incidents and threats
- Ensuring compliance with security standards and regulations
- Developing and enforcing security policies and procedures
- Collaborating with development teams to integrate security into the SDLC
- Providing security training and awareness for stakeholders
- Performing regular security audits and risk assessments
- Implementing and managing security tools and technologies
- Staying updated with the latest security trends and best practices
Requirements
- NQF 6 or a Degree in Information Communication Technology (ICT) field incorporating (but not limited to) Information Systems;
- Microsoft certification or Oracle Certification or AWS security certification, and
- Minimum of 6 years' experience as a Senior Application/Platform Security Engineer.
check(event) ; career-website-detail-template-2 => ,meta)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">
Application/Platform Security Engineer
Posted today
Job Viewed
Job Description
The role of the Specialist Application/Platform Security Engineer is to design and implement security measures for applications and platforms and encompasses many activities including (but not limited to):
- Conducting security assessments and vulnerability testing
- Monitoring and responding to security incidents and threats
- Ensuring compliance with security standards and regulations
- Developing and enforcing security policies and procedures
- Collaborating with development teams to integrate security into the SDLC
- Providing security training and awareness for stakeholders
- Performing regular security audits and risk assessments
- Implementing and managing security tools and technologies
- Staying updated with the latest security trends and best practices
- NQF 6 or a Degree in Information Communication Technology (ICT) field incorporating (but not limited to) Information Systems;
- Microsoft certification or Oracle Certification or AWS security certification, and
- Minimum of 6 years' experience as a Senior Application/Platform Security Engineer.
Specialist Application/Platform Security Engineer
Posted 12 days ago
Job Viewed
Job Description
Senior Application/Platform Security Engineer
Posted 12 days ago
Job Viewed
Job Description
Role Purpose The Senior Application/Platform Security Engineer is responsible for designing, implementing, and managing advanced security measures to safeguard the organization’s applications and platforms. This role focuses on proactively identifying, mitigating, and managing risks, while embedding security best practices throughout the software development lifecycle (SDLC).
Key Responsibilities Design, implement, and oversee robust security measures for applications and platforms.Lead comprehensive security risk assessments, penetration testing, and vulnerability analysis.Develop, implement, and maintain security policies, standards, and best practices.Collaborate closely with development and operations teams to ensure security is integrated across the SDLC.Evaluate, recommend, and deploy security tools, technologies, and frameworks.Monitor emerging cybersecurity threats, trends, and technologies to maintain a proactive security posture.Investigate and respond to security incidents, ensuring effective resolution and continuous improvement.Provide technical leadership, mentorship, and knowledge sharing to Mid and Junior Security Engineers.Prepare detailed technical documentation and compliance reports.Support organizational compliance with relevant security and regulatory standards (e.g., ISO 27001, GDPR, NIST).
RequirementsNQF Level 6 or a Degree in Information Communication Technology (ICT) or a related field (e.g., Information Systems, Computer Science, Cybersecurity).Relevant Certifications: Microsoft Security, Oracle, or AWS Security Certification (or equivalent industry-recognized credentials).Minimum of 5 years’ experience as a Senior Application/Platform Security Engineer or in a similar advanced security engineering role.Proven experience leading complex security initiatives and implementing enterprise-level security solutions.Key Skills & Competencies (for PNet/CareerJunction posting):Application and Platform Security ArchitectureVulnerability Assessment & Penetration TestingSecurity Risk Management & Compliance (ISO 27001, NIST, GDPR)Secure SDLC / DevSecOps IntegrationCloud Security (AWS, Azure, Oracle Cloud)Authentication, Encryption & Identity ManagementThreat Detection, Incident Response & MitigationSecurity Tools & Frameworks (SIEM, DAST, SAST, IDS/IPS)Be The First To Know
About the latest Application security Jobs in South Africa !
Application/Platform Security Engineer (Specialist)
Posted 18 days ago
Job Viewed
Job Description
Mid-Level Application/Platform Security Engineer
Posted 12 days ago
Job Viewed
Job Description
Role Purpose The Mid-Level Application/Platform Security Engineer is responsible for ensuring the security and integrity of the organization’s applications and platforms. This role involves performing security assessments, implementing robust security controls, and supporting the resolution of security incidents. The successful candidate will collaborate closely with development and operations teams to ensure that all systems adhere to security best practices and compliance standards.
Key Responsibilities Conduct routine security assessments, audits, and vulnerability scans of applications and platforms.Implement and maintain security controls, including authentication, authorization, encryption, and monitoring tools.Assist in security incident response and perform root cause analysis to prevent recurrence.Collaborate with development, DevOps, and infrastructure teams to address identified vulnerabilities and improve security posture.Support the Senior Engineer in developing and maintaining security policies, procedures, and guidelines.Stay updated on emerging security threats, technologies, and industry best practices to ensure proactive protection.
RequirementsNQF Level 6 qualification or a Degree in Information Communication Technology (ICT) or related field (e.g., Information Systems, Computer Science, or Cybersecurity).Microsoft, Oracle, or AWS Security Certification (or equivalent recognized certification).Minimum of 4 years’ experience as a Security Engineer or Platform Engineer, with exposure to application and infrastructure security.Strong understanding of application and platform security principles (e.g., OWASP, CIS Benchmarks).Proficiency in security tools and technologies such as SIEM, IDS/IPS, and vulnerability management systems.Experience with cloud security across AWS, Azure, or Oracle Cloud environments.Knowledge of authentication and encryption protocols (e.g., SAML, OAuth, TLS, PKI).Scripting ability for automation (e.g., Python, PowerShell, or Bash).Security Engineer
Posted today
Job Viewed
Job Description
- Establish and maintain cybersecurity standards, controls and compliance frameworks (SOC2, HiTrust, PCI DSS).
- Monitor security operations, controls and regulatory alignment across the business.
- Perform security design reviews, vulnerability scanning, penetration testing and remediation.
- Own security tooling lifecycle (selection, implementation, maintenance).
- Lead audit readiness and external engagements for cybersecurity certifications.
- Securely plan, deploy and maintain IT and cloud infrastructure with a cybersecurity focus.
- Implement and mature processes for threat detection, prevention and incident response.
- Define and enforce infrastructure and software security standards with Dev, IT and DevOps.
- Lead disaster recovery and crisis communication processes.
- Manage vendors and collaborate across teams to maintain secure environments.
- Identify, assess and mitigate cybersecurity and privacy risks across products and services.
- Improve automation of security controls and secure SDLC processes.
- Drive remediation of audit and risk findings, ensuring non-recurrence.
- Manage internal/external security audits and maintain risk documentation.
- Own the cybersecurity roadmap, evidence packs, audit calendar and reporting.
- Maintain centralised documentation of security assets, controls and test outcomes.
- Approve and store penetration test and vulnerability scan outcomes with remediation tracking.
- Ensure documentation meets certification and customer-audit requirements.
- AWS Well Architected Framework
- Trusted Advisor
- GuardDuty / SCP / SSM / IAM / WAF
- Container services such as ECS/EKS
- Incident detection and response management.
- Performing penetration tests and vulnerability scans against networks and infrastructure, applications and AWS environments.
- Drafting and implementing security policies, security procedures, security design and implementation