What Jobs are available for Cyber Engineer in South Africa?

Cybersecurity Engineer & Penetration Tester

Business Unit: Cyber Security

Contract Duration: 12 Months Renewable Contract

Location: Randburg | Hybrid

Role Overview

We are seeking a highly skilled Senior Penetration Tester to join our Cyber Security Business Unit on a 12-month contract. The successful candidate will have the expertise to identify, assess, and exploit vulnerabilities end-to-end, from system architecture and design through to development, deployment, and operations. This role requires deep technical knowledge, practical penetration testing skills, and a proven track record in bounty hunting, advanced threat modelling, and secure architecture assessments.

Key Responsibilities:

* Conduct comprehensive penetration testing across banking systems, applications, APIs, networks, and cloud environments.

* Perform architecture-level security reviews to detect flaws in system and application design before and after build.

* Evaluate development practices and code for potential security weaknesses and assist in secure coding initiatives.

* Perform threat modelling and create attack scenarios that reflect real-world adversary behaviour.

* Identify vulnerabilities across web, mobile, API, infrastructure, and cloud environments.

* Perform red team and adversarial simulations to test resilience against advanced attacks.

* Provide detailed technical reports with actionable remediation strategies and risk prioritization.

* Partner with architects, developers, and DevOps to embed security into the SDLC and CI/CD pipelines.

* Stay ahead of the curve on emerging exploits, malware, frameworks, and attack methodologies.

* Mentor junior team members and strengthen the organization's cyber testing maturity.

Requirements

Technical Skills & Experience

* 7+ years of hands-on penetration testing and security assessment experience.

* Strong expertise across the entire technology stack:

* Architecture: ability to identify systemic design flaws and insecure patterns.

* Development: review source code, spot insecure practices, recommend secure alternatives.

* Deployment/Operations: assess misconfigurations, infrastructure, and cloud security posture.

* Proven background in bounty hunting with bug bounty platforms and advanced exploit development.

* Deep expertise in web, mobile, API, and cloud penetration testing.

* Advanced knowledge of threat modelling methodologies (STRIDE, DREAD, PASTA, etc.).

* Proficiency in tools and frameworks such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, OWASP ZAP, custom scripting (Python/PowerShell/Bash).

* Familiarity with secure SDLC, DevSecOps, and CI/CD pipelines.

* Working knowledge of cloud security (AWS, Azure, GCP) and containerization (Docker, Kubernetes).

* In-depth understanding of attack vectors (SQLi, XSS, CSRF, SSRF, privilege escalation, deserialization, RCE, etc.).

Qualifications & Certifications

* Degree in Computer Science, Cybersecurity, or related field (preferred).

* Advanced security certifications such as OSCP, OSWE, OSEP, CREST, GPEN, GXPN (highly advantageous).

* Public recognition in bug bounty programs or CVE contributions is a strong differentiator.

* Strong analytical mindset and big-picture view of security across the entire stack.

* Excellent communication and stakeholder engagement skills.

* Ability to translate technical risk into business impact.

* Self-driven, proactive, and able to deliver results under pressure.

Apply By
We're on the lookout for energetic, self-motivated individuals who share our passion for service in the banking industry. To be part of the journey, follow the steps below:

• To see what life at Capitec is all about and complete a short assessment, please click here
• Once you have completed the above finalize your application by clicking apply below.

Join Us in Becoming the Best Bank in the World
We appoint energized and motivated people for their potential and continuously look for talented, driven individuals to help us innovate and evolve. That is why we focus on finding the right people for the right jobs. We love what we do because we focus on making a positive difference for our clients and employees. Our company DNA is built around talented and committed teams dedicated to building a brand that we are proud of and earn the trust of our clients.

Who We Are
We are a bank, but we're much more than that. We believe that banking is about enabling people to control their financial lives through banking that is simplified, accessible, affordable and delivered through personal experience. By helping our clients manage their financial lives better, we enable them to live better.

Why Choose Us
At Capitec, we offer our best by living up to our CEO values in every situation – we always put the Client first, act with Energy and take Ownership. And to support people in being their best, our Employee Value Proposition offers every value to all team members through cohesive teams, growth opportunities as well as employee benefits and savings. We make it a priority to ensure that each member of the Capitec team feels welcome, valued, focused, and has the opportunity to grow.

About The Role
The Cyber Security Engineer role focuses on implementing, configuring, and operating the organization's identity governance and administration platform. Join our dynamic Identity & Access Platforms team as a Cyber Security Engineer, where you'll play a key role in securing and managing our core identity infrastructure.

*Our Ideal Candidate *

• Minimum 5 years' experience with Active Directory administration and support.
• Strong understanding of authentication protocols (SAML, OpenID Connect).
• Experience with identity providers (Keycloak or similar platforms advantageous).
• Solid grasp of DNS and networking fundamentals as they relate to identity management.
• Familiarity with Entra ID and related technologies is a plus
• Experience with public cloud computing platforms (AWS and Azure preferred)

Qualifications (Minimum)

• Grade 12 National Certificate / Vocational

Qualifications (Ideal Or Preferred)

• A relevant tertiary qualification in Information Technology - Computer Science

What You'll Do

• Manage and support Active Directory (AD) and related identity platforms.
• Oversee and maintain authentication protocols (e.g., SAML, OpenID Connect).
• Work with identity providers such as Keycloak (experience preferred but not required).
• Ensure secure integration and operation of identity services across the organization.
• Troubleshoot and resolve issues related to identity, authentication, and access management.
• Collaborate with cross-functional teams to support business and security objectives.

*Technical Skills *

• Active Directory Domain Services (AD DS)
• Development & Operations (DevOps)
• Azure Active Directory (Entra ID)
• Networking (DNS, DHCP)
• Security & Compliance
• Identity & Access Management
• Backup & Disaster Recovery
• Hybrid Infrastructure & Operating Systems
• Privileged Access Management (PAM)
• Zero Trust principles by understanding identity and access management (IAM), implementing least-privilege access, and using (JIT/JEA) to strengthen AD security.

Skills

• Analytical Skills
• Communications Skills
• Consultation skills
• Planning, organising and coordination skills
• Problem solving skills

*Conditions of Employment *

• Clear criminal and credit record

Capitec is committed to diversity, applications to this position will strictly be considered in support of our employment equity goals.

Company Description

Altron Security is a leader in providing holistic security solutions for enterprises facing digital transformation, data privacy, remote workforce, and insider threats. Our pivotal position in the digital identity ecosystem and collaborative approach with partners allows us to develop next-generation technology solutions. Based on our customer-centric approach, we aim to build security into great customer experiences and rethink IT security in a digitally transforming world.

Role Description

This is a full-time hybrid role for a Junior Cyber Security Engineer located in the Johannesburg Metropolitan Area, with some work-from-home flexibility. The Junoir Cyber Security Engineer will be responsible for:

-Assist in the design, configuration, and deployment of cybersecurity solutions in line with client requirements.

-Support testing and troubleshooting efforts to ensure the reliability and effectiveness of security products and controls.

-Participate in the maintenance and optimization of deployed cybersecurity systems and controls

-Under supervision, collaborate with clients to understand and document cybersecurity needs and objectives.

-Contribute to the development of solution proposals by translating client requirements into technical specifications.

Qualifications

IT degree / diploma / industry recognized certification.

Certified CompTIA N+.

Certified CompTIA Security+ will be advantageous

Experience

2-4 years related experience in information security

Skills

Basic understanding and hands on experience of:

·   Installing, configuring and troubleshooting Microsoft Windows & Linux operating systems.

·   Installing, configuring and troubleshooting network equipment.

·   Installing, configuring and troubleshooting application servers.

·   Installing, configuring and troubleshooting SSL/TLS certificate deployments.

·   Installing, configuring and troubleshooting information security related tools.

·   System monitoring and alerting.

Work under pressure.

Excellent communication (written & verbal) and interpersonal skills.

Other

Own reliable transport.

Remote work environment, equipment and reliable network connectivity to support flexible work from home arrangements.

Job description:

Join Us in Becoming the Best Bank in the World

We appoint energized and motivated people for their potential and continuously look for talented, driven individuals to help us innovate and evolve. That is why we focus on finding the right people for the right jobs. We love what we do because we focus on making a positive difference for our clients and employees.  Our company DNA is built around talented and committed teams dedicated to building a brand that we are proud of and earn the trust of our clients.

Who We Are

We are a bank, but we're much more than that. We believe that banking is about enabling people to control their financial lives through banking that is simplified, accessible, affordable and delivered through personal experience. By helping our clients manage their financial lives better, we enable them to live better.

Who Choose Us

At Capitec, we offer our best by living up to our CEO values in every situation – we always put the Client first, act with Energy and take Ownership. And to support people in being their best, our Employee Value Proposition offers every value to all team members through cohesive teams, growth opportunities as well as employee benefits and savings. We make it a priority to ensure that each member of the Capitec team feels welcome, valued, focused, and has the opportunity to grow.

About The Role

The Cyber Security Engineer role focuses on implementing, configuring, and operating the organization's identity governance and administration platform. The role sits within the identity and access management function, supporting the bank's identity governance and administration needs.

Our Ideal Candidate

• 5+ years in Cyber Security Engineering
• 3 years of hands-on experience in IAG implementation and operations, preferably using SailPoint IdentityNow.
• Proven expertise in configuring and managing IAG platforms, SailPoint IdentityNow is preferred.
• Strong understanding of identity governance principles and best practices in a banking environment.
• Familiarity with related cybersecurity technologies, including:
• Identity Provider (IdP) systems
• Active Directory and Azure AD (EntraID)
• API (REST) integrations
• Excellent problem-solving skills and ability to work in a fast-paced, regulated environment

Qualifications (Minimum)

• Grade 12 National Certificate / Vocational

Qualifications (Ideal or Preferred)

• A relevant tertiary qualification in Information Technology - Computer Science

What You'll Do

• Join the team performing the implementation, configuration, and operation of SailPoint IdentityNow for IAG (Identity Administration and Governance)/
• Support the implementation, configuration and maintenance of identity governance processes, policies, and workflows tailored to the banking sector.
• Collaborate with cross-functional teams to integrate IAG solutions with existing applications and systems.
• Monitor and enhance security protocols to mitigate risks and ensure compliance with identified regulations.
• Provide technical expertise and support for IAG-related incidents and improvements.

Technical Skills

• Active Directory Domain Services (AD DS)
• Development & Operations (DevOps)
• Azure Active Directory (Entra ID)
• Networking (DNS, DHCP)
• Security & Compliance
• Identity & Access Management
• Backup & Disaster Recovery
• Hybrid Infrastructure & Operating Systems
• Privileged Access Management (PAM)
• Zero Trust principles by understanding identity and access management (IAM), implementing least-privilege access, and using (JIT/JEA) to strengthen security

Skills

• Analytical Skills
• Communications Skills
• Consultation skills
• Planning, organising and coordination skills
• Problem solving skills

Conditions of Employment

• Clear criminal and credit record

Cyber Security Engineer

Location: Century City, Cape Town (Onsite)

Salary: R840,000 – R1,080,000 CTC per year

Benefits: Medical aid contribution

Travel: Occasional travel to USA and Johannesburg

About the Role

We're looking for an experienced Cyber Security Engineer to take the lead on building, implementing, and maintaining world-class security solutions. You'll be the go-to person for ensuring systems, applications, and infrastructure are protected against evolving threats, while guiding both service delivery and development teams to embed resilience into everything we build.

This is a role where you'll not only design and implement strategy but also roll up your sleeves to solve incidents and shape the security culture of the business.

What You'll Do

• Design and implement cyber security strategies for customers
• Manage firewalls, patching, endpoint protection, and intrusion detection
• Oversee SIEM systems, device management, and SSO solutions
• Develop and enforce security policies, procedures, and change management processes
• Provide 3rd-level support for cyber incidents and investigations
• Work closely with service delivery teams to strengthen client-facing security processes
• Partner with developers to architect secure, resilient applications

What You'll Bring

• Bachelor's degree in IT, Computer Science, or related field
• 5+ years' experience in cyber security roles
• Solid knowledge across firewalls, SIEM, endpoint protection, and intrusion detection
• Strong problem-solving skills and a proactive approach
• Excellent communication and ability to work closely with cross-functional teams

If you're ready to take ownership of cyber security in an environment pushing the boundaries of technology, this role offers both challenge and impact.

Job Types: Full-time, Permanent

Pay: R840 000,00 - R ,00 per year

Experience:

• Endpoint Protection: 5 years (Required)
• SSO Solutions: 5 years (Required)
• Cyber Security Engineering: 5 years (Required)
• Firewall: 5 years (Required)
• SIEM: 5 years (Required)

Work Location: In person

Electrum is the next-generation payments technology company that provides cloud-native software to optimize the processing of financial transactions. Since 2012, we have established ourselves as a respected payments technology partner through our deep expertise and track record in delivering trusted enterprise-grade payments solutions.

We've built a reputation in providing solutions for high-volume, low-value payment schemes and services that enable our clients to deliver to their customers at scale. We love that the projects we work on touch the lives of millions of South Africans daily, making a real difference.

We hire the best of the best and we offer great opportunities for personal growth and career progression.

We are seeking a highly-skilled Cyber Security Engineer to join our dynamic team in safeguarding our digital infrastructure. This is an exciting opportunity to play a pivotal role in the protection and resilience of our information systems. You will work alongside experienced professionals in a collaborative environment that values innovation, continuous improvement, and proactive risk management. In this role, you will contribute directly to the security posture of the organisation by identifying vulnerabilities, responding to incidents, and implementing best-in-class security practices.

As a Cyber Security Engineer, you will be responsible for protecting the organisation's digital assets and networks from security threats and unauthorised access. You will monitor systems for potential breaches, respond to incidents, and develop security measures to mitigate future risks.

Vulnerability Management

• Conduct regular vulnerability assessments and risk analyses.
• Evaluate new security tools and services for adoption.
• Manage internal processes for vulnerability disclosures and resolution.

Incident Response

• Monitor and analyse security logs, alerts, and tools to detect threats.
• Investigate and document incidents, determining cause and impact.
• Follow established incident response protocols and support 24/7 operations through on-call rotations.

Security Awareness and Risk Management

• Collaborate with teams to implement security best practices.
• Maintain and update policies in line with ISO 27001 and other standards
• Conduct security risk assessments and implement mitigation measures
• Design and deliver employee security awareness training programs.

Collaboration and Governance

• Foster strong working relationships across internal teams.
• Contribute to the development and maintenance of security documentation, processes, and knowledge bases.
• Promote a culture of compliance, accountability, and continuous improvement.

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Minimum of 3 years' professional experience in Cyber Security or a related discipline.

• Strong technical background in computer systems and network security.

• Experience with:

• Vulnerability assessment and management tools

• Extended Detection and Response (XDR) platforms
• Network security technologies (e.g., firewalls, IDS/IPS, segmentation)
• Security frameworks (ISO 27001, SOC2, NIST, CIS Controls)
• Cloud infrastructure security (e.g., VPCs, security groups, NACLs)

A good work-life balance is very important at Electrum. To help you manage your own time and energy, Electrum offers benefits such as:

• Flexibility around core working hours (nature of flexibility is negotiated per role based on business needs
• Daily cooked lunches and a stocked kitchen for the mid-day nibbles
• Team socialising, getaways, and social outings

We have created a safe, transparent environment where we know mistakes happen, and that's okay. We even have a 3 step approach to dealing with them:

1. Tell everyone about it
2. Fix the mistake
3. Tell everyone about it

You are responsible for your actions – both the successes and the failures.

, South Africa's leading online retailer, is looking for a highly talented
Intermediate Cyber Security Engineer
to join our team.

We are a young, dynamic, hyper-growth company looking for smart, creative, hard-working people with integrity to join us. We offer a market-related, Total Remuneration Package that allows full flexibility according to your needs, a great work environment, and a promise that you won't be bored as long as you are prepared for a challenge and want to build something great.

Think you've been challenged before? Think again

• Scale
  : 4 million happy shoppers shop online on Show them what you can do.
• Learn
  : We work with the best of the best, and then some. Code alongside industry leaders and up-skill in record time.
• Grow
  : Expand your career in the fast-growing Takealot Group: and Mr D. We like to promote from within: Here's your chance.

Who's who in the tech space
This position reports to the Takealot Group Cyber Security Manager

Our ideal candidates
have a passion for technology, and they are constantly exploring, learning, and improving their skills. They are able to apply what they have learned and are able to share their knowledge freely. We embrace fit-for-purpose technology, meaning we have a diverse stack. Just like our culture, we obsess about building systems that are elegant, performant, reliable, scalable, yet simple. Our teams are autonomous, collaborative units that share a business and engineering vision, but have the freedom to tweak and influence how they go about their mission.

Your mission, should you choose to accept it:

• Performing penetration tests of Takealot Group applications, networks and systems.
• Designing and implementing technical solutions to enhance defensive security measures.
• Providing mentorship and guidance on security practices within the organisation.
• Deploying, managing, and monitoring security tools such as SIEM, IPS/IDS, and UEBA.
• Responding to and or managing security incidents as per standards and playbooks.
• Continuously striving to enhance security auditing and monitoring capabilities.
• Creating custom applications designed to detect and alert on potential security threats.
• Collaborating with broader engineering teams to ensure the security of platforms, applications, and networks.
• Strengthening server security and integrating security measures into the platform architecture.
• Developing automation scripts to address complex security challenges efficiently.
• The role requires flexibility in support responsibilities, including on-call availability for time-sensitive technical matters. This involves (e.g., "responding to system alerts, resolving urgent client issues, or assisting with deployment challenges"). The team ensures clear protocols and collaborative workflows to manage demands effectively.

The skills we need:

• Passionate about technology and security
• Curious, always learning, and keeps up to date with current security affairs
• A team player, an active listener, a mentor, and able to communicate well
• Shows solid reasoning and decision-making
• Possesses the ability to work under pressure
• A passion for open source technologies

Qualifications & Experience:

• A formal qualification/degree in Computer Science or Engineering would be advantageous with 3+ years of experience or 4-5 years of professional experience in a security or similar role with a combination of certifications such as (OSCP, CEH, CISM, CISSP, etc.).
• Experience with contributing to bug bounty programs such as HackerOne, or professional experience in performing and reporting on penetration tests or Red Team engagements
• Solid, working understanding of Open Source Operating Systems and Applications
• Working knowledge and experience of a programming language such as Python
• Solid, working understanding of Networking (TCP, UDP, IP, nmap, wireshark, etc.)
• Solid, working understanding of web technologies (HTTP, HTTPS, SSL, TLS)
• Experience with IAM systems and access governance
• Experience with WAF (Cloudflare)
• Experience with Google Cloud or a similar cloud provider, such as AWS or Azure
• Experience with Kubernetes, Docker, or containers in general (Is a plus)
• Experience with defensive systems (SIEM, IDS/IPS, Canaries, Fail2Ban, etc.)
• Understanding of CI/CD pipelines
• Working knowledge of Automation workflows

Let's talk about life @ Takealot Group

• The power is in your hands
  : We offer a market-related, Total Remuneration Package which allows full flexibility according to your needs. Go on, be the master of your own destiny.
• No doors
  : We aren't fans of stuffy offices or siloed work environments. See someone you like? High five, collab, and make something great.
• Remote working
  : Love water cooler chats and working from home? offers a hybrid working model for the best of both worlds.
• Mentorship programme
  : We aren't kidding when we say the people with the best people win. Now's your chance to be one of the best by learning from the best.
• Naspers Tech Community
  & Online Learning: Share ideas and grow with global industry leaders who are all just a Slack message away. Love to learn? Upskill with free access to courses on MyAcademy, Udacity, Coursera, and more.
• Good times
  : Get to know the other extraordinary minds at during regular social events and out-of-office activities (think hikes, think mini golf, think good times).
• Staff discount
  . Millions of products across 28 departments. What more could you ask for?
• Birthday leave
  : Cake Day all the way. Enjoy your day off - you deserve it.
• Right tools, right job
  : Mac or Windows, two monitors or one. Whatever your preference, you'll work on the latest tech, off the latest tech.
• Help when you need it most
  : Confidential counselling, legal support, and financial guidance, for free, anytime, anywhere.
• Tech stack (for days):
  ReactJS, Python, Scala, Kotlin, Swift, Google Cloud, Kafka, Redis, Kubernetes, and all things machine learning. If you build it, they will come.
• Free parking:
  No more 5km fun runs to your desk (unless you want to).

Like what you see?
If you meet the above, you are an
Extraordinary Mind.
Apply today

Takealot is an Equal Opportunity Employer. Applicants from the previously disadvantaged groups and people with disabilities will be given preference.