What Jobs are available for Cyber Risk Management in South Africa?

Published : 06/09/2022

Location : South Africa

Career Level : Experienced

Entity : DQS South Africa

Type of employment : Associate

Reference number : ISMS0023

For almost four decades, the DQS group has been known internationally for the highest quality and reliability in the certification of processes or management systems. Above all, our success is based on a high level of customer and service orientation that goes far beyond verifying checklists, and of course, on our employees who give their best every day.

DQS is currently looking for qualified Information Security, Cyber Security and Risk Management specialists interested in pursuing a career in auditing.

Your primary role would be to carry out assessments of our customer's management systems to ensure they meet the requirements of International Standards such as

ISO 22301

,

ISO 27001

,

TISAX

and other related standards.

To apply you'll need at least:

• Professional education (academic or technical): Completed higher education with a university or trade school degree, master craftsman's diploma or equivalent.
• Professional experience: At least five years of professional experience, including management, personnel, or project responsibility, two of them relating to the respective management system (

ISO 27001

,

ISO 22301

,

TISAX

).
- Experience with information and cyber security technologies.
- It is important for us to assign experts and managers with practical experience in auditing.

Our success is based on our highly qualified and experienced auditors. They have completed professional training and/or a degree, have extensive experience with management techniques and management systems, and have proven practical experience in the various industries they audit.

Training and development will be provided to ensure your success as an auditor

Various trainings will be provided on an ongoing basis.

International working environment

Weiterbildungsmöglichkeiten

Exciting Projects

Open-minded team

DQS: Simply leveraging Quality.

Our success is based on our highly qualified and experienced auditors. They have completed professional training and/or a degree, have extensive experience with management techniques and management systems, and have proven practical experience in the various industries they audit.

Would you like to join a dynamic team of auditors and further expand the success of DQS? If you meet the above requirements and are interested in becoming a certified auditor with DQS, please send us your CV to

Apply Now

Job ads

Haven't found the right one for you yet? Feel free to take another look at our overview.

Back to the overview

• Who we're looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.
• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.
• Where you'll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We're in the business of rewards and incentives, so we know a thing or two about the importance of giving back. We can't grow as a business without growing as individuals, so we are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn - only by working as a team will we reach our goals.

We're the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

This role will be responsible for:

• ISMS Ownership & Audit Readiness

• Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

• Coordinate and lead internal audits (quarterly for TZ) and external certification audits.
• Write up audit findings and risk reports for SLT and the Board.
• Monitor ISMS KPIs and compliance metrics .

• Risk Management

• Own the company-wide risk register and associated documentation (excluding the risk framework itself).

• Support teams in identifying, assessing, and documenting risks.
• Track and ensure timely implementation of Risk Treatment Plans.
• Monitor and report on key risk metrics.

• Incident & Corrective Action Management

• Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

• Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

• Maintain and develop ISO 27001-compliant security policies (non-Engineering).

• Coordinate business-wide security awareness training (e.g., KnowBe4).
• Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

• Complete InfoSec and risk sections of client due diligence questionnaires.

• Support the development of a Trust Centre to streamline security responses.

What we're looking for

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.
• A strong understanding of risk frameworks, internal controls, and compliance management.
• Experience with audit coordination and ISMS documentation.
• The ability to translate technical and regulatory language into business-friendly advice.
• Working knowledge of privacy, AML, and business continuity requirements.
• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).
• Exceptional communication, reporting and organisational skills.

Benefits

We offer all our employees trust and empower our team to work with flexibility and autonomy. We're a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum
• Retirement Fund (5%)
• Health insurance contribution
• Employee Incentive Scheme
• Hybrid Working
• Top spec equipment including laptop, mouse, keyboard, monitor
• Anniversary gifts
• Monthly breakfasts, drinks, snacks and events
• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world's leading businesses.

Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation.

If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

About Revolut

People deserve more from their money. More visibility, more control, and more freedom. Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products — including spending, saving, investing, exchanging, travelling, and more — help our 65+ million customers get more from their money every day.

As we continue our lightning-fast growth, 2 things are essential to our success: our people and our culture. In recognition of our outstanding employee experience, we've been certified as a Great Place to Work. So far, we have 10,000+ people working around the world, from our offices and remotely, to help us achieve our mission. And we're looking for more brilliant people. People who love building great products, redefining success, and turning the complexity of a chaotic world into the simplicity of a beautiful solution.

About the role

Our Technology team builds the systems and experiences that keep Revolut moving. From the infrastructure behind our innovative app to the features used by millions of people around the world, they bring sharp thinking, speed, and a focus on meaningful impact to everything they do.

We're looking for an Information Security Manager to collaborate with regulators, management, and the Risk and Compliance team to oversee all things related to information security. You'll ensure proper documentation and reports are accurate and compliant.

Up to shape what's next in finance? Let's get in touch.

What you'll be doing

• Supporting teams in managing and reducing operational risk
• Designing, implementing, and testing risk controls
• Performing risk and control assessments and deep dives within various product and technology teams to come up with actionable insights
• Reducing non-compliance exposure in technology domains
• Establishing and running risk committees and working groups to improve risk posture
• Delivering technology risk insights and reports to the Board and Executive Committee
• Engaging with internal and external stakeholders on the group's IT risk posture
• Providing IT risk management consulting to the business, and developing mitigation strategies to address those risks

What you'll need

• 8+ years of experience in financial services, fintech, or technology
• An understanding of IT infrastructure (Cloud), software, hardware, tooling, data flows, and operations
• Knowledge of the hierarchy of technology, operations, and security policies and standards
• Familiarity with policy compliance and oversight processes
• The ability to define risk appetite, assess impact, and identify risk likelihood
• Expertise in measuring risks against appetite using risk assessment frameworks and reporting categories
• Experience in RCSA processes, tools, and frameworks
• The ability to support 1LoD in executing control testing
• Experience performing IT audits or working in 1LoD as a Technology Risk Manager in a financial services or technology firm
• Familiarity with industry and regulatory standards related to technology and security (SOX, SOC2, ISO, COBIT, ITIL)

Building a global financial super app isn't enough. Our Revoluters are a priority, and that's why in 2021 we launched our inaugural D&I Framework, designed to help us thrive and grow everyday. We're not just doing this because it's the right thing to do. We're doing it because we know that seeking out diverse talent and creating an inclusive workplace is the way to create exceptional, innovative products and services for our customers. That's why we encourage applications from people with diverse backgrounds and experiences to join this multicultural, hard-working team.

Important notice for candidates:

Job scams are on the rise. Please keep these guidelines in mind when applying for any open roles.

• Only apply through official Revolut channels. We don't use any third-party services or platforms for our recruitment.
• Always double-check the emails you receive. Make sure all communications are being done through official Revolut emails, with an domain.

We won't ask for payment or personal financial information during the hiring process. If anyone does ask you for this, it's a scam. Report it immediately.

By submitting this application, I confirm that all the information given by me in this application for employment and any additional documents attached hereto are true to the best of my knowledge and that I have not wilfully suppressed any material fact. I confirm I have disclosed if applicable any previous employment with Revolut. I accept that if any of the information given by me in this application is in any way false or incorrect, my application may be rejected, any offer of employment may be withdrawn or my employment with Revolut may be terminated summarily or I may be dismissed. By submitting this application, I agree that my personal data will be processed in accordance with Revolut's Candidate Privacy Notice

Notice: This is a remote position based in South Africa.

We're Hiring: Information Security Specialist

Company Description

Welcome to JNS Cloud Solutions, where innovation meets excellence in web design and development, SharePoint services, and ICT resourcing. Our comprehensive suite of services is designed to elevate businesses through managed IT services, strategic professional insights, and dedicated quality assurance. We also offer Office 365 solutions, data strategy consulting, application migration & development, and AI-powered transformation to stay ahead in the digital landscape.

Role Description

We are looking for an Information Security Specialist for a contract role in the Johannesburg Metropolitan Area with some work from home flexibility. The Information Security Specialist will be responsible for ensuring the security of applications, managing cybersecurity protocols, and overseeing information security management operations. The role also involves maintaining data privacy and network security within the organization.

Qualifications

• Proficiency in Application Security
• Experience in Cybersecurity and Information Security Management
• Knowledge in Data Privacy practices
• Skills in Network Security management
• Strong analytical and problem-solving abilities
• Excellent written and verbal communication skills
• Ability to work independently and as part of a team
• Relevant industry certifications (e.g., CISSP, CISM) are a plus

Are you passionate about securing enterprise data during high-impact migrations?

Join our team to: Ensure
data encryption
during migration (in transit & at rest)

Perform
risk assessments
for SharePoint Online migration

Guarantee
compliance with security standards

Requirements
:

• Proven experience in
  data security and compliance
• Strong understanding of
  ISO 27001
  or equivalent standards
• Experience with
  SharePoint and Microsoft 365 environments
  is a plus

Contract Duration: 30 months

Submit your
CV and project examples
to (Insert application email or link)

Be part of a team modernising one of South Africa's largest digital ecosystems.

Information Security Analyst

Acacium Group – Woodstock, Cape Town

Permanent, Full Time

Salary: R35 000 per month plus amazing benefits

Unlock Your Potential

Are you a technically minded individual with a passion for cybersecurity? Are you eager to grow and develop within a global organisation?

This is an excellent entry-level opportunity to launch your career in Information Security.

As an Information Security Analyst, you will play a key role in supporting our security operations and governance frameworks. You'll work closely with both technical teams—such as Infrastructure, Service Delivery, and Application Management—and non-technical teams including Legal, Compliance, HR, Audit, and Risk. You'll also engage with end users to promote best practices and ensure ongoing compliance across the organisation.

Every Day, You Will…

• Conduct threat hunting activities to proactively identify and mitigate risks.
• Assist in security incident management, including triaging alerts and coordinating responses.
• Support regular reviews of suppliers, project risks, and user access.
• Help update IT security policies and practices.
• Deliver and assess IT Security & Cyber Awareness training, audits, and testing.
• Contribute to maintaining compliance with standards like ISO 27001, Cyber Essentials Plus, NHS DSP Toolkit, and GDPR.
• Compile monthly and quarterly security reports.
• Assist in cyber incident response and business continuity efforts.

What's In It For You?

• Hands-on technical training and exposure to a wide range of systems
• Opportunities to earn certifications in the Information Security field
• Access to senior stakeholders and involvement in impactful corporate projects
• Mentorship from experienced professionals to guide your development
• A strong focus on your career growth, with the tools, support, and guidance to help you thrive
• Unmatched career progression, thanks to being part of a global group spanning healthcare, staffing, and life sciences
• Exciting events and incentives, both locally and across the wider group
• Employer contributions to medical aid
• Subsidised transport options

Join Us and Make a Difference

Acacium Group is a global healthcare solutions partner offering staffing, managed services, and innovative delivery models to health and social care systems and the life sciences industry. We are powered by the best people and have an unrivalled and diverse range of capabilities, all while incorporating our company values into everything we do:

Putting People First, Always by Your Side, Driven by Excellence.

Join us and play a key part in shaping the future of society and improving people's lives

To Thrive in This Role, You Must Have…

• A positive, logical, and proactive approach to problem-solving
• Strong organisational and time management skills
• The ability to prioritise tasks and deliver high-quality outcomes
• Clear written communication skills, especially when creating technical documentation for non-technical audiences
• The ability to identify and manage risks within the business and Information Security framework
• Confidence and strong verbal communication skills
• CompTIA Security+
• Microsoft Security Operations Analyst

Employment Equity

The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.

Designation:

Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category:

Information Technology

Job Level:

Professionally qualified and experienced specialists and mid-management

Posted by:

PSG Financial Services

Posted on:

03 Oct 2025

Reference Number:

POS08450

Closing date:

30-Oct-2025

Position Type:

Permanent

Location:

Waterfall Magwa Crescent

Overview:

VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT

PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit