76 Cloud Security jobs in Johannesburg

SUMMARY : POSITION INFO :

Key Experience :

• At least 4-7 years of Cloud Experience (AWS, Azure, or GCP)
• Securing cloud environments and protecting data
• Implementing security measures, monitoring cloud infrastructure for threats, and responding to security incidents
• Experience with security tools such as firewalls, intrusion detection systems, and identity and access management solutions
• Architecting Microsoft Azure Solutions Certification
• Configuring and maintaining MS Azure PaaS, IaaS, & SaaS offerings
• Developing Microsoft Azure Solutions Certification
• Exposure to Active Directory, Hyper-V (administration & configuration), IIS Administration, OS internal concepts, and security
• Implementing Microsoft Azure Infrastructure Solutions Certifications
• Experience with Microsoft Management tools (SCOM, SCCM, SCSM, MS Orchestrator (Opalis))
• MS SQL Server performance tuning
• Server clustering experience
• Understanding security and segregation of duty requirements for enterprise systems
• Working knowledge of networking concepts including VIPs, NAT, DNS, networking tools (ping, tracert, tracemon, NetMon, Wireshark), and scripting tools (PowerShell & XML)

Qualifications :

• Senior Certificate or NQF 4 equivalent
• Bachelor’s Degree in Computer Science or equivalent (advantageous)
• Relevant Cloud Security Certifications

Soft Skills :

• Collaborative personality with excellent communication and presentation skills, able to interact effectively at all organizational levels
• Excellent analytical, organizational, problem-solving, and time management skills
• Strong training and writing skills in English
• Motivated with a strong work ethic

Scope of Work :

• Participate in Continuous Improvement initiatives
• Design and architecture of Cloud Infrastructure
• Maintenance of Customer Cloud Infrastructure
• Deployment of Customer Environments
• Support for Customer Environments
• Compliance with Cyber Security Regulations
• System hardware and software installation, configuration, operation, and maintenance
• Engage with users and analysts to provide solutions following the Application Lifecycle Management (ALM) process
• Estimate architecture costs
• Performance monitoring, proactive management, and reporting
• Server administration

Key Experience:

• At least 4-7 years of Cloud Experience (AWS, Azure or GCP (Google))
• Securing cloud environments and protecting data.
• Implementing security measures, monitoring cloud infrastructure for threats, and responds to security incidents.
• May work with various security tools and technologies, including firewalls, intrusion detection systems, and identity and access management solutions.
• Architecting Microsoft Azure Solutions Certification
• Configuring and maintaining MS Azure PaaS & IaaS & SaaS offerings
• Developing Microsoft Azure Solutions Certification
• Exposure to Active Directory, Hyper-V (admin & config), IIS Administration, OS Internal concepts, Security experience
• Implementing Microsoft Azure Infrastructure Solutions Certifications
• Microsoft Management tools (SCOM, SCCM, SCSM, MS Orchestrator (Opalis))
• MS SQL Server performance tuning
• Server clustering experience
• Understanding of security and segregation of duty requirements for an enterprise system
• Working knowledge with Networking Concepts including VIPs, NAT, DNS, Networking Tools (ping, tracert, tracemon, NetMon, wire shark, etc), and Scripting Tools (Powershell & XML)

Qualifications:

• Senior Certificate or NQF 4 equivalent
• Bachelor’s Degree in Computer Science or equivalent is an advantage
• Relevant Cloud Security Certifications

Soft Skills:

• Collaborative personality with excellent communication and presentation skills with the ability to interact effectively with all levels in the organization
• Excellent Analytical Skills
• Excellent organizational skills with the ability to visualize the big picture and manage minute details
• Excellent problem-solving skills
• Excellent time management
• Excellent training skills
• Excellent writing skills (English)
• Motivated and strong work ethic

Scope of Work:

• Actively participate in Continuous Improvement initiatives
• Cloud Infrastructure Design/Architecture definition
• Customer Cloud Infrastructure maintenance
• Customer Environment Deployment
• Customer Support on Environments
• Cyber Security Regulations
• Design, provision, installation/configuration, operation, and maintenance of systems hardware and software and related infrastructure
• Engage with business users, analysts, and peers to provide solutions following a defined Application Lifecycle Management (ALM) process
• Estimation of Architecture Costs
• Performance Monitoring, proactive management, and Reporting
• Server Administration

We are looking for an experienced Cloud Security Engineer to join our team on an exciting project. This role is perfect for someone passionate about building secure, scalable, and modern cloud environments while driving innovation in cloud security.

Role Overview

As a Cloud Security Engineer, you'll design, build, and maintain secure infrastructure primarily on AWS, with integration across Azure. You'll play a key role in ensuring strong security practices across cryptography, IAM, APIs, and modern application development.

Key Responsibilities:

• Design, implement, and support secure AWS cloud environments (EKS, S3, RDS) with Azure integration.

• Deploy and maintain cryptographic solutions for data security and compliance.

• Manage API security, secrets management, and identity & access controls.

• Develop secure microservices with Java & Spring Boot.

• Implement CI/CD pipelines (Jenkins, Git).

• Deploy and manage Docker and Kubernetes environments.

• Support ETL processes, optimise SQL queries, and ensure data integrity.

• Collaborate with teams to troubleshoot issues and respond to incidents.

• Drive security governance, threat modelling, and compliance activities.

Requirements:

• Bachelor's degree in Computer Science/Information Systems (or related field).

• 5+ years' experience in cloud engineering with strong AWS expertise.

• Proven cryptography, key management, and secure software development experience.

• Strong knowledge of network security, IAM, and API management.

• Proficient in Java, Spring Boot, SQL, Docker, Kubernetes, Jenkins, CI/CD.

• Experience with Azure, monitoring tools, and ETL/data integration.

• Familiarity with Agile and DevOps culture.

• AWS/Azure certifications (advantage).

• Knowledge of Terraform/CloudFormation is a plus.

Interested? Apply by sending your CV to:

leigh-

Cloud Security Analyst Key Responsibilities

• Implement, manage, and monitor cloud security controls (IAM, RBAC, MFA, encryption, auditing).
• Design and enforce Identity & Access Management (IAM) and Role-Based Access Controls (RBAC) across cloud infrastructure.
• Configure and maintain encryption standards (TLS, AES-256) for data in transit and at rest.
• Conduct regular audits, penetration tests, and monitoring to identify vulnerabilities.
• Ensure compliance with security frameworks and standards (ISO 27001, NIST, SOC2, GDPR, POPIA).
• Implement cloud monitoring tools for threat detection and incident response.
• Collaborate with DevOps/Cloud Engineers to embed security into CI/CD pipelines (shift-left security).
• Prepare and deliver security assessment reports for leadership and compliance teams.
• Stay updated on evolving cloud security risks, tools, and industry trends.

• Minimum 5 years experience in Cloud Security, Information Security, or Cybersecurity.
• Strong knowledge of cloud security best practices (AWS, Azure, or GCP preferred).
• Expertise in IAM, RBAC, and MFA solutions.
• Hands-on experience with encryption protocols (TLS, AES-256).
• Solid understanding of audit processes and compliance frameworks .
• Proficiency with monitoring and security tools (SIEM, CloudTrail, Azure Sentinel, Splunk, etc.).
• Knowledge of container security and serverless environment security.
• Relevant certifications advantageous (CCSP, CISSP, CISM, Microsoft/Azure Security, AWS Security).

Join Interfile—South Africa’s leading Electronic Bill Presentment & Payment (EBPP) fintech—where we design, build, and run large-scale digital services used by millions, partnering with top banks, major corporates, and government. You’ll work on modern architectures across both new builds and enhancements in a culture that prizes innovation, seamless integration, and exceptional delivery. We’re customer-obsessed and known for helping organizations modernise. Our Fourways office—right across from Montecasino—offers a modern workspace with a Vitality-certified gym, canteen, and great chill areas.

Purpose of the role:

Lead and continuously improve our information security posture across on-prem and cloud—covering platforms, hardware, networks, and data centres. You’ll drive vulnerability remediation through both automation and hands-on work, ensure compliance with POPIA, and design, implement, and uplift security standards and frameworks (e.g., ISO 27001/27002, NIST CSF 2.0). You’ll also own risk management and incident response while championing a security-first culture across the business.

Responsibilities:

• Security Assessment & Management
  • Conduct regular security assessments across infrastructure, applications, and data environments.
  • Implement and manage SAST and DAST tools and processes.
  • Track, report, and drive remediation of vulnerabilities and security issues.
• Security Posture & Reporting
  • Develop and maintain dashboards and reports that clearly communicate the organization’s security posture.
  • Define and track KPIs for security posture, remediation velocity, and compliance.
  • Collaborate with internal teams to ensure visibility and accountability for remediation efforts.
• Automation & Remediation
  • Design and implement automated security controls and remediation workflows.
  • Work with DevOps and IT teams to integrate security into CI/CD pipelines.
• Compliance & Regulatory Alignment
  • Ensure alignment with POPIA and other applicable data protection regulations.
  • Support audits and compliance reporting requirements.
  • Work with legal and compliance teams to ensure data handling aligns with privacy laws.
• Standards & Frameworks
  • Contribute to the design and rollout of security standards such as ISO 20027.
  • Align security practices with NIST CSF 2.0 and other relevant frameworks.
• Risk Management
  • Conduct risk assessments and maintain a security risk register.
  • Collaborate with business units to understand and mitigate security risks tied to operations and products.
• Incident Response & Forensics
  • Develop and maintain incident response plans.
  • Lead investigations into security breaches and coordinate post-incident reviews.
• Security Awareness & Training
  • Design and deliver security awareness programs for staff.
  • Promote a security-first culture across technical and non-technical teams.
• Third-Party & Vendor Security
  • Assess and manage security risks related to vendors, partners, and third-party services.
  • Ensure contracts and SLAs include appropriate security clauses.
• Secure Architecture & Design
  • Participate in solution architecture reviews to ensure security is embedded from the start.
• Advise on secure design patterns and threat modeling.

Requirements (Essential):

• Bachelor’s degree in Information Security, Computer Science, or related field.
• At least one security certification: CISSP, CISM, CEH, CompTIA Security+, ISO 27001 Lead Implementer (or similar).
• 5+ years in an information security role (or similar).
• Proven security experience across infrastructure, applications, and data environments.
• Hands-on with SAST/DAST tools (e.g., SonarQube, OWASP ZAP, Burp Suite).
• Strong vulnerability management and remediation workflow expertise.
• Familiarity with automation/scripting (e.g., Python, PowerShell) and CI/CD tooling.
• Working knowledge of POPIA and other data-protection regulations.
• Experience with security frameworks (e.g., NIST CSF, ISO 27001/27002).
• Ability to communicate technical risks and remediation plans to non-technical stakeholders.

Nice to Have (Desirable)

• Proactive, detail-oriented, strong sense of ownership.
• Comfortable collaborating across multiple teams and disciplines.
• Passion for security, compliance, and continuous improvement.
• Multiple or advanced security certifications.

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.