78 Chief Security Officer jobs in South Africa

Chief Information Security Officer

Centurion, Gauteng AVBOB

Posted 1 day ago

Job Description

Information Security Officer (CISO) to lead enterprise-wide cyber security efforts. In this strategic leadership role, you will be responsible for driving the Group’s information security strategy, ensuring the protection of AVBOB’s digital assets, systems, and data. You will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening our reputation as a trusted service provider.

You will be working for a company that is over 100 years old with strong values. In return for your services, you will be paid a competitive remuneration package. You will be working for an organisation that values employee development and rewards excellent performance.

Responsibilities include:

Develop and execute AVBOB’s information security strategy aligned with business goals and digital innovation.

Serve as a trusted advisor to executives, balancing innovation and cyber risk.

Drive secure adoption of technologies including cloud, AI, and data analytics.

Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).

Lead security assessments, technology deployments, and compliance audits.

Collaborate with ICT, PMO, and Group Risk to manage enterprise-wide security initiatives.

Ensure compliance with POPIA, GDPR, ISO 27001, and industry standards (NIST, PCI-DSS, CIS).

Minimise legal, reputational, and financial risk through proactive governance.

Develop and enforce AVBOB’s Cyber Incident Response Plan (CIRP).

Oversee disaster recovery and continuity planning.

Lead security audits, assessments, and real-time threat investigations.

Implement training programs to build cybersecurity awareness across all departments.

Foster a culture of shared responsibility and high performance within the security function.

Chief Information Security Officer

Centurion, Gauteng Dananda Talent

Posted today

Job Description

Responsibilities include:

  • Develop and execute the company's information security strategy aligned with business goals and digital innovation.

  • Serve as a trusted advisor to executives, balancing innovation and cyber risk.

  • Drive secure adoption of technologies including cloud, AI, and data analytics.

  • Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).

  • Lead security assessments, technology deployments, and compliance audits.

  • Collaborate with ICT, PMO, and Group Risk to manage enterprise-wide security initiatives.

  • Ensure compliance with POPIA, GDPR, ISO 27001, and industry standards (NIST, PCI-DSS, CIS).

  • Minimise legal, reputational, and financial risk through proactive governance.

  • Develop and enforce the company's Cyber Incident Response Plan (CIRP).

  • Oversee disaster recovery and continuity planning.

  • Lead security audits, assessments, and real-time threat investigations.

  • Implement training programs to build cybersecurity awareness across all departments.

  • Foster a culture of shared responsibility and high performance within the security function.

Requirements

  • Degree in Information Technology, Business Administration, or related field.

  • 7+ years of experience in cybersecurity, risk management, and IT leadership.

  • 5–7 years in a senior information security management role.

  • Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.

  • Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.

  • Experience in financial services or insurance industries.

  • Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).

  • Ability to lead complex projects in a matrixed, multi-stakeholder environment.

  • Proven experience in vendor and contract security negotiations.

  • Strong leadership, communication, and analytical skills.

  • Strategic and innovative thinking

  • Leadership and influence

  • Risk and compliance acumen

  • Project and resource management

  • Exceptional stakeholder communication

  • Report writing and dashboard presentation

  • Coaching and mentoring for performance

Chief Information Security Officer

AVBOB

Posted 27 days ago

Job Description

permanent

We are looking for a seasoned Chief Information Security Officer (CISO) to lead enterprise-wide cyber security efforts. In this strategic leadership role, you will be responsible for driving the Group’s information security strategy, ensuring the protection of AVBOB’s digital assets, systems, and data. You will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening our reputation as a trusted service provider.

You will be working for a company that is over 100 years old with strong values. In return for your services, you will be paid a competitive remuneration package. You will be working for an organisation that values employee development and rewards excellent performance.

Responsibilities include:

  • Develop and execute AVBOB’s information security strategy aligned with business goals and digital innovation.

  • Serve as a trusted advisor to executives, balancing innovation and cyber risk.

  • Drive secure adoption of technologies including cloud, AI, and data analytics.

  • Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).

  • Lead security assessments, technology deployments, and compliance audits.

  • Collaborate with ICT, PMO, and Group Risk to manage enterprise-wide security initiatives.

  • Ensure compliance with POPIA, GDPR, ISO 27001, and industry standards (NIST, PCI-DSS, CIS).

  • Minimise legal, reputational, and financial risk through proactive governance.

  • Develop and enforce AVBOB’s Cyber Incident Response Plan (CIRP).

  • Oversee disaster recovery and continuity planning.

  • Lead security audits, assessments, and real-time threat investigations.

  • Implement training programs to build cybersecurity awareness across all departments.

  • Foster a culture of shared responsibility and high performance within the security function.


  • Degree in Information Technology, Business Administration, or related field.

  • 7+ years of experience in cybersecurity, risk management, and IT leadership.

  • 5–7 years in a senior information security management role.

  • Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.

  • Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.

  • Experience in financial services or insurance industries.

  • Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).

  • Ability to lead complex projects in a matrixed, multi-stakeholder environment.

  • Proven experience in vendor and contract security negotiations.

  • Strong leadership, communication, and analytical skills.

  • Strategic and innovative thinking

  • Leadership and influence

  • Risk and compliance acumen

  • Project and resource management

  • Exceptional stakeholder communication

  • Report writing and dashboard presentation

  • Coaching and mentoring for performance

Chief Information Security Officer (CISO)

Centurion, Gauteng University of Fort Hare

Posted 1 day ago

Job Description

Chief Information Security Officer (CISO)

2025-07-22 - 2025-08-21

Permanent

JHB006851

Information Technology

Managed Talent Solutions is looking for a seasoned Chief Information Security Officer (CISO) for one of their clients based in Centurion to lead enterprise-wide cyber security efforts. In this strategic leadership role, the successful candidate will be responsible for driving the Group’s information security strategy, ensuring the protection of the company’s digital assets, systems and data. The Chief Information Security Officer will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening the company's reputation as a trusted service provider.

Qualifications / Requirements:

  • Matric plus, Degree in Information Technology, Business Administration, or related field.
  • 7+ years of experience in cybersecurity, risk management, and IT leadership.
  • 7 years in a senior information security management role.
  • Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.
  • Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.
  • Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).
  • Ability to lead complex projects in a matrixed, multi-stakeholder environment.
  • Proven experience in vendor and contract security negotiations.
  • Strong leadership, communication, and analytical skills.
  • Strategic and innovative thinking
  • Leadership and influence
  • Risk and compliance acumen
  • Project and resource management
  • Exceptional stakeholder communication
  • Report writing and dashboard presentation
  • Coaching and mentoring for performance

Responsibilities include:
  • Develop and execute the company’s information security strategy aligned with business goals and digital innovation.
  • Serve as a trusted advisor to executives, balancing innovation and cyber risk.
  • Drive secure adoption of technologies including cloud, AI, and data analytics.
  • Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).
  • Lead security assessments, technology deployments and compliance audits.
  • Collaborate with ICT, PMO and Group Risk to manage enterprise-wide security initiatives.
  • Ensure compliance with POPIA, GDPR, ISO 27001 and industry standards (NIST, PCI-DSS, CIS).
  • Minimise legal, reputational and financial risk through proactive governance.
  • Develop and enforce the company’s Cyber Incident Response Plan (CIRP).
  • Oversee disaster recovery and continuity planning.
  • Lead security audits, assessments, and real-time threat investigations.
  • Implement training programs to build cybersecurity awareness across all departments.
  • Foster a culture of shared responsibility and high performance within the security function.

Chief Information Security Officer (CISO)

Centurion, Gauteng Data Centrix

Posted 1 day ago

Job Description

SUMMARY:

Managed Talent Solutions is looking for a seasoned Chief Information Security Officer (CISO) for one of their clients based in Centurion to lead enterprise-wide cyber security efforts. In this strategic leadership role, the successful candidate will be responsible for driving the Group’s information security strategy, ensuring the protection of the company’s digital assets, systems and data. The Chief Information Security Officer will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening the company's reputation as a trusted service provider.

POSITION INFO:

Qualifications / Requirements:

  • Matric plus, Degree in Information Technology, Business Administration, or related field.
  • 7+ years of experience in cybersecurity, risk management, and IT leadership.
  • 7 years in a senior information security management role.
  • Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.
  • Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.
  • Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).
  • Ability to lead complex projects in a matrixed, multi-stakeholder environment.
  • Proven experience in vendor and contract security negotiations.
  • Strong leadership, communication, and analytical skills.
  • Strategic and innovative thinking
  • Leadership and influence
  • Risk and compliance acumen
  • Project and resource management
  • Exceptional stakeholder communication
  • Report writing and dashboard presentation
  • Coaching and mentoring for performance

Responsibilities include:

  • Develop and execute the company’s information security strategy aligned with business goals and digital innovation.
  • Serve as a trusted advisor to executives, balancing innovation and cyber risk.
  • Drive secure adoption of technologies including cloud, AI, and data analytics.
  • Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).
  • Lead security assessments, technology deployments and compliance audits.
  • Collaborate with ICT, PMO and Group Risk to manage enterprise-wide security initiatives.
  • Ensure compliance with POPIA, GDPR, ISO 27001 and industry standards (NIST, PCI-DSS, CIS).
  • Minimise legal, reputational and financial risk through proactive governance.
  • Develop and enforce the company’s Cyber Incident Response Plan (CIRP).
  • Oversee disaster recovery and continuity planning.
  • Lead security audits, assessments, and real-time threat investigations.
  • Implement training programs to build cybersecurity awareness across all departments.
  • Foster a culture of shared responsibility and high performance within the security function.

    Chief Information Security Officer (CISO)

    Centurion, Gauteng Data Centrix

    Posted 13 days ago

    Job Description

    Qualifications / Requirements:
    • Matric plus, Degree in Information Technology, Business Administration, or related field.
    • 7+ years of experience in cybersecurity, risk management, and IT leadership.
    • 7 years in a senior information security management role.
    • Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.
    • Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.
    • Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).
    • Ability to lead complex projects in a matrixed, multi-stakeholder environment.
    • Proven experience in vendor and contract security negotiations.
    • Strong leadership, communication, and analytical skills.
    • Strategic and innovative thinking
    • Leadership and influence
    • Risk and compliance acumen
    • Project and resource management
    • Exceptional stakeholder communication
    • Report writing and dashboard presentation
    • Coaching and mentoring for performance

    Responsibilities include:
    • Develop and execute the company's information security strategy aligned with business goals and digital innovation.
    • Serve as a trusted advisor to executives, balancing innovation and cyber risk.
    • Drive secure adoption of technologies including cloud, AI, and data analytics.
    • Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).
    • Lead security assessments, technology deployments and compliance audits.
    • Collaborate with ICT, PMO and Group Risk to manage enterprise-wide security initiatives.
    • Ensure compliance with POPIA, GDPR, ISO 27001 and industry standards (NIST, PCI-DSS, CIS).
    • Minimise legal, reputational and financial risk through proactive governance.
    • Develop and enforce the company's Cyber Incident Response Plan (CIRP).
    • Oversee disaster recovery and continuity planning.
    • Lead security audits, assessments, and real-time threat investigations.
    • Implement training programs to build cybersecurity awareness across all departments.
    • Foster a culture of shared responsibility and high performance within the security function.

    Chief Information Security Officer (CISO)

    Centurion, Gauteng University of Fort Hare

    Posted today

    Job Description

    Chief Information Security Officer (CISO)

    2025-07-22 - 2025-08-21

    Permanent

    JHB006851

    Information Technology

    Managed Talent Solutions is looking for a seasoned Chief Information Security Officer (CISO) for one of their clients based in Centurion to lead enterprise-wide cyber security efforts. In this strategic leadership role, the successful candidate will be responsible for driving the Group’s information security strategy, ensuring the protection of the company’s digital assets, systems and data. The Chief Information Security Officer will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening the company's reputation as a trusted service provider.

    Qualifications / Requirements:

    • Matric plus, Degree in Information Technology, Business Administration, or related field.
    • 7+ years of experience in cybersecurity, risk management, and IT leadership.
    • 7 years in a senior information security management role.
    • Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.
    • Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.
    • Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).
    • Ability to lead complex projects in a matrixed, multi-stakeholder environment.
    • Proven experience in vendor and contract security negotiations.
    • Strong leadership, communication, and analytical skills.
    • Strategic and innovative thinking
    • Leadership and influence
    • Risk and compliance acumen
    • Project and resource management
    • Exceptional stakeholder communication
    • Report writing and dashboard presentation
    • Coaching and mentoring for performance
    Responsibilities include:
    • Develop and execute the company’s information security strategy aligned with business goals and digital innovation.
    • Serve as a trusted advisor to executives, balancing innovation and cyber risk.
    • Drive secure adoption of technologies including cloud, AI, and data analytics.
    • Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).
    • Lead security assessments, technology deployments and compliance audits.
    • Collaborate with ICT, PMO and Group Risk to manage enterprise-wide security initiatives.
    • Ensure compliance with POPIA, GDPR, ISO 27001 and industry standards (NIST, PCI-DSS, CIS).
    • Minimise legal, reputational and financial risk through proactive governance.
    • Develop and enforce the company’s Cyber Incident Response Plan (CIRP).
    • Oversee disaster recovery and continuity planning.
    • Lead security audits, assessments, and real-time threat investigations.
    • Implement training programs to build cybersecurity awareness across all departments.
    • Foster a culture of shared responsibility and high performance within the security function.

    Information Security Management System (ISMS) Specialist

    Midrand, Gauteng Vector Logistics

    Posted 1 day ago

    Job Description

    Information Security Management System (ISMS) Specialist

    Permanent

    Midrand

    Overview

    We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.

    But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.

    Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.

    Job Purpose

    Information Security Management System (ISMS) Specialist is responsible for the end-to-end implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards. The incumbent will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets, while also ensuring compliance with legal and regulatory requirements.

    Key Responsibilities

    ISMS Development And Implementation

    • Lead the design, implementation, and continuous improvement of an ISMS aligned with ISO/IEC 27001 and other relevant frameworks (e.g., NIST, POPIA, CIS, CSA etc.).
    • Develop, implement, and maintain information security policies, procedures, and guidelines.
    • Assess existing information security practices and recommend improvements.
    • Ensure the organization's ISMS aligns with business needs, regulatory requirements, and industry best practices.

    Risk Assessment And Management

    • Perform risk assessments to identify potential security risks to the organization's information assets in alignment to ISO 31000.
    • Develop risk treatment plans and assist in the implementation of risk mitigation strategies.
    • Conduct ongoing risk assessments and audits to ensure the effectiveness of the ISMS.

    Compliance And Audits

    • Ensure compliance with ISO/IEC 27001 and other industry standards and regulations.
    • Prepare the organization for certification audits and support the audit process.
    • Coordinate with auditors and certification bodies.
    • Maintain records and documentation to ensure traceability and compliance with ISMS requirements.

    Training And Awareness

    • Provide training to staff and management on information security best practices, policies, and compliance requirements.
    • Promote a culture of information security awareness across the organization.
    • Support the creation of an internal security awareness program.

    Incident Response And Management

    • Assist in the development and testing of incident response plans.
    • Provide guidance and support in handling information security incidents.
    • Ensure incidents are documented and reported in accordance with regulatory and contractual obligations & assist in post-incident analysis to determine the cause and recommend preventive actions.

    Continuous Improvement

    • Define and monitor ISMS-related KPIs and metrics.
    • Monitor and report on the performance of the ISMS, identifying areas for improvement.
    • Monitor compliance with security policies and procedures.
    • Lead regular internal audits to assess the effectiveness of the ISMS.
    • Recommend and implement improvements based on audit findings, risk assessments, and evolving industry practices.
    • Keep up-to-date with emerging threats, vulnerabilities, and regulatory changes.

    Vendor And Third-Party Risk Management

    • Assess and monitor third-party vendors and service providers for information security compliance.
    • Assist in the integration of ISMS controls into third-party contracts and SLAs.

    Key Relationships

    Key Relationship 1

    • This role plays a critical role in managing and maintaining relationships with both internal and external stakeholders.
    • These interactions are essential for ensuring the organization’s security posture is robust and aligned with its strategic objectives.

    Qualifications And Experience

    Qualifications, Skills and Experience Required for the Job

    • Bachelor’s Degree: A bachelor’s degree in information security, Computer Science, Information Technology, or a related field is required.
    • Mandatory Requirement: ISO27001 Lead Implementer. Preferable: ISO27001 Lead Auditor, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA).
    • The ISMS Specialist role demands a robust combination of technical expertise, specialized knowledge, and strong leadership abilities. The ideal candidate must have an intrinsic understanding of the ISMS statement of applicability.
    • The ideal candidate should possess in-depth knowledge of information security frameworks such as ISO/IEC 27001, NIST, and CIS Controls, be familiar with IT governance frameworks (e.g., COBIT, ITIL), and have extensive experience in risk management, incident response, and compliance, particularly with South African regulations like POPIA and the Cybercrimes Act.
    • Soft skills such as excellent communication, adaptability, attention to detail, and ethical judgment are also vital, enabling the Information Security Compliance Specialist to convey complex security concepts, adapt to evolving threats, and uphold the highest standards of security and privacy within the organization. Experience in BIA, BCM, DR. Include experience in vulnerability management, patching, JML.
    • Minimum of 7-10 years of experience in the field of information security, cybersecurity, or a related discipline, with at least 1-3 years in a managerial or leadership capacity. This experience should include hands-on management of security frameworks such as ISO/IEC 27001 and NIST, as well as significant exposure to risk management, incident response, and compliance with industry regulations.
    • Proven experience of leading ISO/IEC 27001 certification projects and certification maintenance.
    • Experience in working with ISO27001 certification bodies.
    • Development of audit and ISMS remediation plans.
    • Familiarity with data protection laws and industry regulations.
    • Relevant professional certifications such as CISM, CRISC, or CISA, which validate their expertise in key areas of information security. Knowledge of security tools, including Microsoft Sentinel, CyberReason, and Microsoft Defender, is essential for managing the organization’s security posture effectively.

    Skills and Competencies

    • Strategic Thinking: Ability to align security strategies with business objectives and anticipate future challenges.
    • Technical Expertise: Knowledge of security frameworks, technologies, and tools, with strong proficiency in threat analysis and mitigation.
    • People Management: Strong leadership skills to build, manage, and effectively leverage external resources.
    • Decision-Making and Judgment: High discretion in making critical security decisions, balancing immediate needs with long-term goals.
    • Collaboration and Communication: Excellent interpersonal skills for engaging with both technical and non-technical stakeholders and building strong relationships.
    • Problem-Solving and Analytical Skills: Strong analytical abilities to assess and resolve complex security issues across organizational boundaries.
    • Compliance and Regulatory Knowledge: In-depth understanding of relevant regulations and standards, ensuring ongoing compliance.
    • Adaptability and Resilience: Ability to adapt to changing security landscapes and manage high-pressure situations.
    • Ethical Integrity: Commitment to upholding the highest ethical standards in all security practices.

    We look forward to hearing from you!

    Seniority level: Mid-Senior level
    Employment type: Full-time
    Job function: Information Technology
    Industries: Transportation, Logistics, Supply Chain and Storage

    Information Security Management System (ISMS) Specialist

    Midrand, Gauteng Vector Logistics Limited

    Posted 1 day ago

    Job Description

    Information Security Management System (ISMS) Specialist

    Permanent

    Midrand

    Overview

    We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.

    But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.

    Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.

    Job Purpose
    Information Security Management System (ISMS) Specialist is responsible for the end-to-end implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards. The incumbent will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets, while also ensuring compliance with legal and regulatory requirements.

    Key Responsibilities

    ISMS Development and Implementation:

    • Lead the design, implementation, and continuous improvement of an ISMS aligned with ISO/IEC 27001 and other relevant frameworks (e.g., NIST, POPIA, CIS, CSA etc.).
    • Develop, implement, and maintain information security policies, procedures, and guidelines.
    • Assess existing information security practices and recommend improvements.
    • Ensure the organization's ISMS aligns with business needs, regulatory requirements, and industry best practices.

    Risk Assessment and Management:

    • Perform risk assessments to identify potential security risks to the organization's information assets in alignment to ISO 31000.
    • Develop risk treatment plans and assist in the implementation of risk mitigation strategies.
    • Conduct ongoing risk assessments and audits to ensure the effectiveness of the ISMS.

    Compliance and Audits:

    • Ensure compliance with ISO/IEC 27001 and other industry standards and regulations.
    • Prepare the organization for certification audits and support the audit process.
    • Coordinate with auditors and certification bodies.
    • Maintain records and documentation to ensure traceability and compliance with ISMS requirements.

    Training and Awareness:

    • Provide training to staff and management on information security best practices, policies, and compliance requirements.
    • Promote a culture of information security awareness across the organization.
    • Support the creation of an internal security awareness program.

    Incident Response and Management:

    • Assist in the development and testing of incident response plans.
    • Provide guidance and support in handling information security incidents.
    • Ensure incidents are documented and reported in accordance with regulatory and contractual obligations, and assist in post-incident analysis to determine the cause and recommend preventive actions.

    Continuous Improvement:

    • Define and monitor ISMS-related KPIs and metrics.
    • Monitor and report on the performance of the ISMS, identifying areas for improvement.
    • Monitor compliance with security policies and procedures.
    • Lead regular internal audits to assess the effectiveness of the ISMS.
    • Recommend and implement improvements based on audit findings, risk assessments, and evolving industry practices.
    • Keep up-to-date with emerging threats, vulnerabilities, and regulatory changes.

    Vendor and Third-Party Risk Management:

    • Assess and monitor third-party vendors and service providers for information security compliance.
    • Assist in the integration of ISMS controls into third-party contracts and SLAs.

    Key Relationships

    Key Relationship 1

    • This role is critical in managing and maintaining relationships with both internal and external stakeholders.
    • These interactions are essential for ensuring the organization’s security posture is robust and aligned with its strategic objectives.

    Qualifications, Skills and Experience Required for the Job

    Qualifications and Experience

    • Bachelor’s Degree: A bachelor’s degree in information security, Computer Science, Information Technology, or a related field is required.
    • Mandatory Requirement: ISO27001 Lead Implementer
      Preferable: ISO27001 Lead Auditor, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)
    • The ISMS Specialist role demands a robust combination of technical expertise, specialized knowledge, and strong leadership abilities. The ideal candidate must have an intrinsic understanding of the ISMS statement of applicability.
    • The ideal candidate should possess in-depth knowledge of information security frameworks such as ISO/IEC 27001, NIST, and CIS Controls, be familiar with IT governance frameworks (e.g., COBIT, ITIL), and have extensive experience in risk management, incident response, and compliance, particularly with South African regulations like POPIA and the Cybercrimes Act.
    • Soft skills such as excellent communication, adaptability, attention to detail, and ethical judgment are also vital, enabling the Information Security Compliance Specialist to convey complex security concepts, adapt to evolving threats, and uphold the highest standards of security and privacy within the organization. Experience in BIA, BCM, and DR, including experience in vulnerability management, patching, and JML.
    • Minimum of 7-10 years of experience in the field of information security, cybersecurity, or a related discipline, with at least 1-3 years in a managerial or leadership capacity. This experience should include hands-on management of security frameworks such as ISO/IEC 27001 and NIST, as well as significant exposure to risk management, incident response, and compliance with industry regulations.
    • Proven experience of leading ISO/IEC 27001 certification projects and certification maintenance.
    • Experience in working with ISO27001 certification bodies.
    • Development of audit and ISMS remediation plans.
    • Familiarity with data protection laws and industry regulations.
    • Relevant professional certifications such as CISM, CRISC, or CISA, which validate their expertise in key areas of information security. Knowledge of security tools, including Microsoft Sentinel, CyberReason, and Microsoft Defender, is essential for managing the organization’s security posture effectively.

    Skills and Competencies

    • Strategic Thinking: Ability to align security strategies with business objectives and anticipate future challenges.
    • Technical Expertise: Knowledge of security frameworks, technologies, and tools, with strong proficiency in threat analysis and mitigation.
    • People Management: Strong leadership skills to build, manage, and effectively leverage external resources.
    • Decision-Making and Judgment: High discretion in making critical security decisions, balancing immediate needs with long-term goals.
    • Collaboration and Communication: Excellent interpersonal skills for engaging with both technical and non-technical stakeholders and building strong relationships.
    • Problem-Solving and Analytical Skills: Strong analytical abilities to assess and resolve complex security issues across organizational boundaries.
    • Compliance and Regulatory Knowledge: In-depth understanding of relevant regulations and standards, ensuring ongoing compliance.
    • Adaptability and Resilience: Ability to adapt to changing security landscapes and manage high-pressure situations.
    • Ethical Integrity: Commitment to upholding the highest ethical standards in all security practices.

    We look forward to hearing from you!


     
