225 Conducting Vulnerability Assessments jobs in South Africa
Security Analyst - Penetration Testing & Red Teaming
Posted 3 days ago
Job Viewed
Job Description
Security Analyst - Penetration Testing & Red Teaming
Johannesburg, South Africa
Job Openings Security Analyst - Penetration Testing & Red Teaming
About the job Security Analyst - Penetration Testing & Red TeamingExciting Opportunity: Security Analyst: Penetration Testing & Red Teaming Specialist
Our client is looking for a talented Security Analyst who is ready to take on a variety of security assessments and grow their career in a high-energy, cutting-edge environment.
Responsibilities:
Penetration Testing:
- Collaborate within a team of experts to conduct vulnerability assessments and penetration tests across a wide range of technologies.
- Assess network, application (web and thick client), mobile, wireless, social engineering, and physical security, using both automated and manual techniques.
- Engage with clients professionally to deliver insights and constructive feedback, ensuring their security needs are met.
- Dive deep into security topics like network, database, and application security, developing your expertise along the way.
- Leverage your skills with penetration testing tools to uncover vulnerabilities and improve security measures.
Red Teaming:
- Become part of an elite Red Team, focusing on reconnaissance using open-source intelligence (OSINT) to gather actionable data.
- Take the lead in compromising systems by identifying vulnerabilities in people, processes, and technology.
- Develop and deploy command-and-control servers and custom payloads, establishing persistence within target environments.
- Evolve your craft by creating new tools, techniques, and procedures to avoid detection by defenders.
- Work on escalation, maintaining long-term access to compromised networks, and exfiltrating critical data.
Research and Development:
- Stay ahead of the curve by researching and identifying new vulnerabilities, focusing on high-profile products and systems.
- Understand and analyze the latest tactics used by threat actors to craft innovative security strategies.
- Develop and refine attack methodologies that will be used to strengthen future defensive efforts.
Requirements:
Experience:
- 2-5 years' hands-on Penetration Testing, including a strong background in network, mobile, web, and wireless security assessments.
- Strong understanding of common vulnerability assessment and penetration testing tools.
- Ability to think critically and creatively to solve complex security challenges.
- Strong communication skills for both internal collaboration and client-facing interactions.
- Passion for continuous learning and staying updated on the latest in cybersecurity.
Security analyst - penetration testing & red teaming
Posted today
Job Viewed
Job Description
Security analyst - penetration testing & red teaming
Posted today
Job Viewed
Job Description
Information Security Analyst
Posted today
Job Viewed
Job Description
Introduction
Through our client-facing brands Metropolitan and Momentum, with Multiply (wellness and rewards program), and our other specialist brands, including Guardrisk and Eris Property Group, the group enables business and people from all walks of life to achieve their financial goals and life aspirations.We help people grow their savings, protect what matters to them and invest for the future. We help companies and organization's care for and reward their employees and members. Through our own network of advisers or via independent brokers and utilising new platforms Momentum Metropolitan provides practical financial solutions for people, communities, and businesses. Visit us at
Disclaimer
As an applicant, please verify the legitimacy of this job advert on our company career page.
Role Purpose
This position is responsible for performing various tasks. This role is also required to conduct ongoing research in the IT security arena and regularly assist in the sales process.The ideal candidate will be responsible for conducting comprehensive penetration tests, identifying vulnerabilities, and providing recommendations to improve security posture. The ideal candidate must have experience in all forms of complex technical security assessments of clients' information technology systems (including the Internet, Intranet, applications, hosts, firewalls, mobile applications, etc.) and related policies and procedures. They must be highly motivated and have a good command of industry best practices.
Requirements
5+ years of experience in penetration testing, vulnerability assessment, or a related field.
Deep knowledge of security testing methodologies and frameworks (OWASP, NIST, etc.).
Proficiency with advanced penetration testing tools such as Metasploit, Burp Suite, Nessus, Nmap, etc.
Strong scripting skills (Python, Bash, PowerShell, etc.) for automating security tasks.
In-depth understanding of network protocols, operating systems, web technologies, and cloud environments.
CISSP and CEH certification preferred.
OSCP, OSEP, CCSP, CRTE, CRTP, or CRTO certification or equivalent is an advantage.
Duties & Responsibilities
Lead and conduct comprehensive penetration tests on networks, applications, and systems to identify security weaknesses.
Develop and implement advanced security test plans, scenarios, and scripts.
Perform in-depth vulnerability assessments and security analysis using both automated tools and manual techniques.
Document and report security findings, providing actionable insights to clients and detailed recommendations for remediation.
Collaborate with cross-functional teams to prioritize and resolve security vulnerabilities.
Research and stay current with emerging security threats, vulnerabilities, and technology trends.
Participate in security incident response activities when required.
Assist in the development and refinement of security policies, procedures, and standards.
Provide training, guidance, and mentorship to junior penetration testers and other security staff.
Perform security assessments, including application scans (using tools such as Nessus, Burp Suite) and code reviews, to ensure compliance with Momentum Group's SDLC policies.
Participate in a variety of other internal security projects and information security activities as required.
Competencies
Strong knowledge of OWASP Top 10 vulnerabilities and how to exploit/mitigate them.
Excellent technical writing skills for creating detailed assessment reports.
Self-driven, motivated, independent yet communicative and collaborative.
Ability to work unsupervised in a remote capacity and deliver results.
Good organizational skills and time management; ability to resolve conflicts, prioritize tasks, and follow quality benchmarks.
Strong verbal communication skills for presenting findings to technical and non-technical stakeholders.
Demonstrate a strong ability to engage with various stakeholders, have a team-based approach, and work towards shared goals and outcomes.
Ability to think outside the box and a passion to improve your skills and drive innovation.
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Analyst
Acacium Group – Woodstock, Cape Town
Permanent, Full Time
Salary: R35 000 per month plus amazing benefits
Unlock Your Potential
Are you a technically minded individual with a passion for cybersecurity? Are you eager to grow and develop within a global organisation?
This is an excellent entry-level opportunity to launch your career in Information Security.
As an Information Security Analyst, you will play a key role in supporting our security operations and governance frameworks. You'll work closely with both technical teams—such as Infrastructure, Service Delivery, and Application Management—and non-technical teams including Legal, Compliance, HR, Audit, and Risk. You'll also engage with end users to promote best practices and ensure ongoing compliance across the organisation.
Every Day, You Will…
- Conduct threat hunting activities to proactively identify and mitigate risks.
- Assist in security incident management, including triaging alerts and coordinating responses.
- Support regular reviews of suppliers, project risks, and user access.
- Help update IT security policies and practices.
- Deliver and assess IT Security & Cyber Awareness training, audits, and testing.
- Contribute to maintaining compliance with standards like ISO 27001, Cyber Essentials Plus, NHS DSP Toolkit, and GDPR.
- Compile monthly and quarterly security reports.
- Assist in cyber incident response and business continuity efforts.
What's In It For You?
- Hands-on technical training and exposure to a wide range of systems
- Opportunities to earn certifications in the Information Security field
- Access to senior stakeholders and involvement in impactful corporate projects
- Mentorship from experienced professionals to guide your development
- A strong focus on your career growth, with the tools, support, and guidance to help you thrive
- Unmatched career progression, thanks to being part of a global group spanning healthcare, staffing, and life sciences
- Exciting events and incentives, both locally and across the wider group
- Employer contributions to medical aid
- Subsidised transport options
Join Us and Make a Difference
Acacium Group is a global healthcare solutions partner offering staffing, managed services, and innovative delivery models to health and social care systems and the life sciences industry. We are powered by the best people and have an unrivalled and diverse range of capabilities, all while incorporating our company values into everything we do:
Putting People First, Always by Your Side, Driven by Excellence.
Join us and play a key part in shaping the future of society and improving people's lives
To Thrive in This Role, You Must Have…
- A positive, logical, and proactive approach to problem-solving
- Strong organisational and time management skills
- The ability to prioritise tasks and deliver high-quality outcomes
- Clear written communication skills, especially when creating technical documentation for non-technical audiences
- The ability to identify and manage risks within the business and Information Security framework
- Confidence and strong verbal communication skills
- CompTIA Security+
- Microsoft Security Operations Analyst
Employment Equity
The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.
Information Security Analyst
Posted today
Job Viewed
Job Description
Company Description
INTERCERT is a multinational company headquartered in Texas, USA, operating in over 28 countries. Founded in 2009, INTERCERT is dedicated to building a secure and sustainable world through customer-centric services. We are accredited by leading organizations, including America's accreditation board under IAF for ISO Certification Services, Cloud Security Alliance for CSA STAR Certification services, AICPA CPA Firm for SOC1 & SOC2 Audit Attestation and CREST accreditation for PEN Testing Services. Our services also encompass CMMC, PCI DSS Certification, and Data Protection compliance for standards such as GDPR, HIPAA, and Cybersecurity frameworks. With a team of over 150 experienced assessors, we deliver global assessment services with a focus on compliance and excellence.
Role Description
This is a full-time, on-site role for an Information Security Analyst / Interns at INTERCERT INC., located in South Africa. The Information Security Analyst / Intern will be responsible for day-to-day tasks such as assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.
Qualifications
Bachelor's Degree or equivalent focused on Information
Security/Cybersecurity
Experience Level
0-6 months
Roles and Responsibilities
Assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.
Help assess the design and effectiveness of internal controls, including business and IT controls.
Prepare reports and documentation for external audits and communicate audit findings and recommendations.
Stay updated on evolving regulatory changes, industry standards, and best practices related to GRC, risk management, and auditing.
Information Security Analyst
Posted today
Job Viewed
Job Description
Company Description
INTERCERT is a multinational company headquartered in Texas, USA, operating in over 28 countries. Founded in 2009, INTERCERT is dedicated to building a secure and sustainable world through customer-centric services. We are accredited by leading organizations, including America's accreditation board under IAF for ISO Certification Services, Cloud Security Alliance for CSA STAR Certification services, AICPA CPA Firm for SOC1 & SOC2 Audit Attestation and CREST accreditation for PEN Testing Services. Our services also encompass CMMC, PCI DSS Certification, and Data Protection compliance for standards such as GDPR, HIPAA, and Cybersecurity frameworks. With a team of over 150 experienced assessors, we deliver global assessment services with a focus on compliance and excellence.
Role Description
This is a full-time, remote working role for an Information Security Analyst in South Africa. The Information Security Analyst will be responsible for day-to-day tasks such as assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.
Qualifications
Bachelor's Degree or equivalent focused on Information
Security / Cybersecurity
Experience Level
0-6 months
Roles and Responsibilities
Assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.
Help assess the design and effectiveness of internal controls, including business and IT controls.
Prepare reports and documentation for external audits and communicate audit findings and recommendations.
Stay updated on evolving regulatory changes, industry standards, and best practices related to GRC, risk management, and auditing.
Be The First To Know
About the latest Conducting vulnerability assessments Jobs in South Africa !
Senior Information Security Analyst
Posted today
Job Viewed
Job Description
Our clients in the consulting space are on the hunt for a seasoned Senior Information Security Analyst to join their teams in the Western cape. Work and collaborate with Dynamic teams, architects and stakeholders on a hybrid model and expand your skillset exponentially.
Responsibilities:
Planning and deploying technical security solutions, working independently to driving projects to completionCollaborate with solutions architects support implementation efforts.Maintain and support complex security environments, ensuring operational stability.Troubleshoot and resolve security issues.Assess risks from new vulnerabilities and contribute to mitigation recommendations.Participate in customer engagements and incident bridges, supporting complex technical issues as needed.Contribute to quality assurance efforts and peer reviews within the team.Support documentation efforts including proposals, reports, and project materials.Take ownership of assigned technologies and contribute to team knowledge sharing.Demonstrate understanding of business principles and contribute to design work with guidance.Work overtime and assist with standby duties as required.Perform additional tasks as defined by leadership.Monitor external threat landscape and share relevant insights with the team.Create and contribute to reports and technology updates.Resolve escalated incidents and requests within SLA timelines.Update tickets consistently with resolution details.Proactively identify and log issues, capturing relevant information for resolution.Provide third-level support and assist in root cause analysis.Share knowledge and document solutions for broader team use.Communicate effectively with internal teams and clients.Support change implementation and documentation.Identify opportunities for automation and collaborate with relevant teams.Participate in quality audits as required.Requirements4–6 years of information security experienceCEH, CASP+, Microsoft Azure certifications(Preferred) CCIE / CISSP / CISM / CISAExposure to security architecture tools and methodologiesHands-on experience with IT security solutionsUnderstanding of IT operations and project deploymentsFamiliarity with regulatory frameworks (e.g., POPIA, GDPR)Ability to communicate security concepts to technical and non-technical audiencesExperience with cloud security tools and managed servicesProficiency in ticketing systems (e.g., ServiceNow, 4Me, Jira)Experience in enterprise environments and vendor coordinationSIEM/SOC technologies (e.g., Azure Sentinel)Vulnerability managementThreat/risk analysisFirewall/IPS/IDSEndpoint protection (XDR)Basic penetration testing and ethical hackingAzure cloud security fundamentalsSolid understanding of change management processes.Strong technical skills in relevant security domains.Good client service orientation and communication skills.Ability to work across diverse teams and cultures.Organized and adaptable to changing circumstances.Positive attitude and resilience under pressure.Active listening and problem-solving skills.Familiarity with security frameworks and standards.Exposure to multiple cybersecurity domains.Information Security Analyst MMH250401-13
Posted today
Job Viewed
Job Description
Role Purpose
This position is responsible for performing various tasks. This role is also required to conduct ongoing research in the IT security arena and regularly assist in the sales process.The ideal candidate will be responsible for conducting comprehensive penetration tests, identifying vulnerabilities, and providing recommendations to improve security posture. The ideal candidate must have experience in all forms of complex technical security assessments of clients' information technology systems (including the Internet, Intranet, applications, hosts, firewalls, mobile applications, etc.) and related policies and procedures. They must be highly motivated and have a good command of industry best practices.
Requirements
- 5+ years of experience in penetration testing, vulnerability assessment, or a related field.
- Deep knowledge of security testing methodologies and frameworks (OWASP, NIST, etc.).
- Proficiency with advanced penetration testing tools such as Metasploit, Burp Suite, Nessus, Nmap, etc.
- Strong scripting skills (Python, Bash, PowerShell, etc.) for automating security tasks.
- In-depth understanding of network protocols, operating systems, web technologies, and cloud environments.
- CISSP and CEH certification preferred.
- OSCP, OSEP, CCSP, CRTE, CRTP, or CRTO certification or equivalent is an advantage.
Duties and Responsibilities
- Lead and conduct comprehensive penetration tests on networks, applications, and systems to identify security weaknesses.
- Develop and implement advanced security test plans, scenarios, and scripts.
- Perform in-depth vulnerability assessments and security analysis using both automated tools and manual techniques.
- Document and report security findings, providing actionable insights to clients and detailed recommendations for remediation.
- Collaborate with cross-functional teams to prioritize and resolve security vulnerabilities.
- Research and stay current with emerging security threats, vulnerabilities, and technology trends.
- Participate in security incident response activities when required.
- Assist in the development and refinement of security policies, procedures, and standards.
- Provide training, guidance, and mentorship to junior penetration testers and other security staff.
- Perform security assessments, including application scans (using tools such as Nessus, Burp Suite) and code reviews, to ensure compliance with Momentum Group's SDLC policies.
- Participate in a variety of other internal security projects and information security activities as required.
As an applicant, please verify the legitimacy of this job advert on our company career page
Information Security Lead
Posted 1 day ago
Job Viewed
Job Description
Join Interfile—South Africa’s leading Electronic Bill Presentment & Payment (EBPP) fintech—where we design, build, and run large-scale digital services used by millions, partnering with top banks, major corporates, and government. You’ll work on modern architectures across both new builds and enhancements in a culture that prizes innovation, seamless integration, and exceptional delivery. We’re customer-obsessed and known for helping organizations modernise. Our Fourways office—right across from Montecasino—offers a modern workspace with a Vitality-certified gym, canteen, and great chill areas.
Purpose of the role:
Lead and continuously improve our information security posture across on-prem and cloud—covering platforms, hardware, networks, and data centres. You’ll drive vulnerability remediation through both automation and hands-on work, ensure compliance with POPIA, and design, implement, and uplift security standards and frameworks (e.g., ISO 27001/27002, NIST CSF 2.0). You’ll also own risk management and incident response while championing a security-first culture across the business.
Responsibilities:
- Security Assessment & Management
- Conduct regular security assessments across infrastructure, applications, and data environments.
- Implement and manage SAST and DAST tools and processes.
- Track, report, and drive remediation of vulnerabilities and security issues.
- Security Posture & Reporting
- Develop and maintain dashboards and reports that clearly communicate the organization’s security posture.
- Define and track KPIs for security posture, remediation velocity, and compliance.
- Collaborate with internal teams to ensure visibility and accountability for remediation efforts.
- Automation & Remediation
- Design and implement automated security controls and remediation workflows.
- Work with DevOps and IT teams to integrate security into CI/CD pipelines.
- Compliance & Regulatory Alignment
- Ensure alignment with POPIA and other applicable data protection regulations.
- Support audits and compliance reporting requirements.
- Work with legal and compliance teams to ensure data handling aligns with privacy laws.
- Standards & Frameworks
- Contribute to the design and rollout of security standards such as ISO 20027.
- Align security practices with NIST CSF 2.0 and other relevant frameworks.
- Risk Management
- Conduct risk assessments and maintain a security risk register.
- Collaborate with business units to understand and mitigate security risks tied to operations and products.
- Incident Response & Forensics
- Develop and maintain incident response plans.
- Lead investigations into security breaches and coordinate post-incident reviews.
- Security Awareness & Training
- Design and deliver security awareness programs for staff.
- Promote a security-first culture across technical and non-technical teams.
- Third-Party & Vendor Security
- Assess and manage security risks related to vendors, partners, and third-party services.
- Ensure contracts and SLAs include appropriate security clauses.
- Secure Architecture & Design
- Participate in solution architecture reviews to ensure security is embedded from the start.
- Advise on secure design patterns and threat modeling.
Requirements (Essential):
- Bachelor’s degree in Information Security, Computer Science, or related field.
- At least one security certification: CISSP, CISM, CEH, CompTIA Security+, ISO 27001 Lead Implementer (or similar).
- 5+ years in an information security role (or similar).
- Proven security experience across infrastructure, applications, and data environments.
- Hands-on with SAST/DAST tools (e.g., SonarQube, OWASP ZAP, Burp Suite).
- Strong vulnerability management and remediation workflow expertise.
- Familiarity with automation/scripting (e.g., Python, PowerShell) and CI/CD tooling.
- Working knowledge of POPIA and other data-protection regulations.
- Experience with security frameworks (e.g., NIST CSF, ISO 27001/27002).
- Ability to communicate technical risks and remediation plans to non-technical stakeholders.
Nice to Have (Desirable)
- Proactive, detail-oriented, strong sense of ownership.
- Comfortable collaborating across multiple teams and disciplines.
- Passion for security, compliance, and continuous improvement.
- Multiple or advanced security certifications.