510 Cybersecurity jobs in South Africa

Job Overview

Business Segment: Group Functions

Location: ZA, GP, Johannesburg, 30 Baker Street

Job Type: Full-time

Job Ref ID: A-0001

Date Posted: 8/22/2025

Job Description

To provide Cyber-InfoSec expertise, professional knowledge, and technical skills to prevent cyber-attacks, significant reputational, financial, or other losses. To implement SBGs Cyber Resilience Programme to prevent cyber-attacks, protect sensitive data and systems from infiltration or misuse and execute the InfoSec capabilities against policies, standards, and controls across relevant functions

Qualifications

A degree in Information Technology or Computer Science.

IT Risk/Security certification such as CISM, CISSP or CISA is required.

A relevant Azure/AWS Cloud Certification is required

Experience Required:

Proficiency in Python is required. Experience with PowerShell, Bash and Ruby is an added advantage.

Experience in implementing machine learning and AI-powered automation workflows.

Design, develop, and maintain robust and scalable automation scripts and applications using Python and other scripting languages.

Experience with API integrations, database management (SQL/NoSQL), cloud infrastructures and cloud serverless technologies (e.g. AWS Lambda, Azure Functions) for implementing scalable cloud applications.

Experience with defensive technologies such as SIEMs, EDR tools, Threat Intelligence Platforms (TIP), OSINT tools and offensive technologies such as Burp Suite, Cobalt Strike, and Metasploit is an added advantage.

Experience within Financial Service Industry developing threat models, risk profiles, cybersecurity risk and incident management, and insight into crime in the financial sector.

Strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions, building cyber security intelligence.

Additional Information

Key Responsibilities:

Evaluate, develop and implement cyber security processes, tools integration and automation workflows for intelligence observation, enrichment, triage and investigations.

Implement machine learning and AI-powered automation workflows to provide intelligence observability and enrichment, enabling automated threat scoring reporting, and analysis of threat observations.

Debug, troubleshoot and optimize existing automation workflows and applications.

Document and present technical designs, specifications, and user manuals for all developed tools and workflows.

Integrate intelligence data from open-source, commercial, and internal sources to create a unified view for actionable intelligence analysis.

Research and stay current on application security threats, vulnerabilities, and emerging tactics, techniques and procedures (TTPs).

Familiarity with the MITRE ATT&CK framework, Cyber Kill Chain, or other security-related frameworks.

Support purple teaming exercises to build cyber resiliency across security teams.

Behavioural Competencies:

Adopting Practical Approaches

Articulating Information

Developing Strategies

Embracing Change

Exploring Possibilities

Generating Ideas

Interpreting Data

Making Decisions

Meeting Timescales

Producing Output

Providing Insights

Team Working

Technical Competencies:

Data Analysis

Debugging and Fixing Software

Information Security Management

IT Risk Management

Software Development Life Cycle (SDLC) methodologies & Tools

Technical Analysis

Use of Build and Test Automation

Write Code

Please note: All our recruitment processes comply with the applicable local laws and regulations. We will never ask for money or any from of payment as part of our recruitment process. If you experience this, please contact our Fraud line on or

Overview

For more than 20 years, Globeleq has been a long-term investor, developer, owner and operator of diversified power projects in Africa, where the company is one of the largest Independent Power Producers. With nearly 1,800MW of generation capacity in operation across 17 power plants in 7 countries, 485MW of new power projects in construction and 2,000MW in development, Globeleq is one of the largest independent power producers solely focused in Africa. Globeleq is 70% owned by British International Investment and 30% by Norfund, the development finance institutions of the UK and Norway, and has a proven track record for supporting the ongoing development of the African power sector.

Globeleq’s generation technologies include gas, wind, solar PV, battery energy storage (BESS), and geothermal. The company is also actively pursuing new opportunities which are emerging from the energy transition.

The primary purpose of the role will be to support the Group Cyber Security Manager with operational security support. The Cyber Security Analyst will utilise their knowledge of threats and vulnerabilities to operate cyber defence systems against a range of cybersecurity concerns using the Microsoft security suite of products. The role is technical and will be based in Cape Town, South Africa.

• Threat Detection and Monitoring: Log analysis – Review system logs for suspicious activity. Microsoft Sentinel and Defender XDR platforms.
• Threat Hunting: Proactively search for hidden cyber threats. KQL.
• Incident Response: Investigate and respond to cyber incidents alerted by the Cyber Defence Centre and SIEM platform. Work with internal IT and OT teams to respond to, remediate, and recover from cyber incidents. Document incident response scenarios.
• Security Hardening: Drive remediation of security vulnerabilities and misconfiguration with IT and OT teams. Perform access reviews, dormant and unauthorised device reviews, and drive remediation.
• Cyber Security Assessments: Conduct risk assessments and document action plans in risk registers. Facilitate risk response activities and document outcomes. Report on non-compliance. Facilitate third-party security reviews.
• Security Awareness: Conduct phishing and other security-related simulations. Perform role-based security awareness. Drive remedial training activities.
• Red Teaming: Maintain the red-team platform. Conduct attack simulations. Drive remediation with the blue team and IT teams.
• Reporting and Processes: Document security processes and procedures. Produce weekly, monthly and quarterly security reports for management.

• Good verbal communication, able to communicate technical information with other technical teams.
• Good written communication, including being able to write clear, concise emails and reports.
• Willingness to learn. Proactive attitude. Able to work in a multicultural context. Able to influence others without line authority.
• Good analytical and problem-solving ability, with a solutions-focused approach. Good facilitation skills and the ability to coordinate with others to achieve objectives.
• Able to work well under occasional high stress / high-risk situations. Able to handle multiple tasks, prioritise work and work effectively under limited supervision.

The following experience and qualifications are considered minimum requirements.

• 2+ years’ experience in a security analyst or operations role with hands-on experience with the Microsoft security suite of products.
• Any one of the following: CompTIA Security+, Certified in Cybersecurity (CC) – ISC2, ISACA Certified Cybersecurity Operations Analyst (CCOA) or
• Code B driver’s license.

The following experience and qualifications would be considered an advantage to an applicant.

• Microsoft Certified: Security Operations Analyst Associate (SC-200).
• SSCP – Systems Security Certified Practitioner - ISC2.
• Certified as competent in CompTIA Cyber Security Analyst (CySA) or EC-Council Certified Network Defender (EC-CND).
• Experience with Defender XDR, Intune, and Red Team platforms.
• Experience with the KnowBe4 security awareness platform.
• Experience performing risk assessments and conducting third-party risk assessments.
• Experience with Operational Technology environments.

We develop, own and operate power plants utilising various technologies across the African continent. With many years of international industry experience, the support of committed shareholders, and long-standing project, technology, finance and government partnerships, we have the financial strength, management and operational expertise to power Africa to realise its potential.

Join the dynamic and fast-paced world of Aculocity, a global technology consulting company dedicated to revolutionizing business processes through cutting-edge technology solutions. Since our formal inception in 2006 (and informal in 1999), we've been at the forefront of delivering tailor-made software development solutions, seamless software system implementations, powerful business intelligence, and innovative business process solutions.

As a proud member of the GVW Group, LLC portfolio of companies, we are a premier provider of technology services for GVW's extensive portfolio and a rapidly growing external client base. Join a team that is driving innovation and transforming businesses worldwide. Elevate your career with us at Aculocity.

We seek an experienced Cybersecurity Analyst to join our team and enhance the cybersecurity posture of our global manufacturing, distribution, and software development operations. This role is based in South Africa and offers the opportunity to work flexible hours to overlap with the US-based Infrastructure and Security team to which this role will report. The successful candidate will be responsible for monitoring, analyzing, and responding to security incidents, ensuring compliance with industry standards, and proactively addressing emerging threats in a dynamic international environment. A customer-oriented ultimate team player is a must.

• Monitor and Analyze Security Incidents:
  • Collaborate with the team to continuously monitor security alerts and events to identify potential threats and vulnerabilities.
  • Work with security engineers to analyze security incidents, determine their impact, and develop appropriate response strategies.
• Support Implementation and Maintenance of Security Solutions:
  • Assist in the design, implementation, and maintenance of security solutions, including firewalls, intrusion detection systems, and endpoint protection.
  • Ensure alignment with business objectives and industry best practices.
• Collaborate with Cross-Functional Teams:
  • Work closely with IT and business leaders to align security practices with organizational goals.
  • Support secure manufacturing and business operations.
• Conduct Security Assessments and Audits:
  • Perform regular security assessments and audits to identify vulnerabilities and ensure compliance with industry regulations (e.g., ISO 27001, NIST, GDPR).
  • Develop risk mitigation strategies and oversee threat intelligence processes.
• Contribute to the Development and Implementation of Security Policies and Standards:
  • Collaborate with the team to establish and enforce security policies, standards, and procedures to protect systems, data, and intellectual property.
  • Provide expertise in incident response and drive continuous improvement post-incident.
• Training and Awareness:
  • Develop and deliver cybersecurity training and awareness programs for employees.
  • Promote a culture of security awareness across the organization.

• Education: Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
• Experience: 5+ years of experience in cybersecurity, with a focus on security monitoring, incident response, and vulnerability management.
• Certifications: Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are strongly preferred.
• Technical Skills: Expertise in security frameworks (e.g., NIST, ISO 27001), network and cloud security, incident response, threat intelligence, and security operations.
• Analytical Skills: Strong problem-solving and risk assessment skills, with an ability to manage complex projects and meet critical deadlines.
• Communication: Clear and effective communicator with the ability to present security topics to technical and non-technical audiences at all levels of the organization.

• Impact: Play a key role in securing the operations of an international manufacturing organization.
• Innovation: Drive and implement cutting-edge cybersecurity solutions in a dynamic industry.
• Growth: Benefit from continuous learning opportunities, professional development, and career growth.
• Collaborate: Join a unique and growing international team of IT professionals operating around the clock across three continents.
• Flexibility: We offer flexible work hours to collaborate closely with the US-based team.
• Global presence: We have work sites on four continents, with plans to expand further.

The ideal candidate will be responsible for protecting enterprise systems, networks, and client environments from internal and external threats. This role involves proactive threat detection, vulnerability assessments, incident response, and security architecture reviews across hybrid and cloud platforms.

Key Responsibilities

• Monitor, analyze, and respond to security incidents across on-premises, cloud, and hybrid environments.
• Perform vulnerability assessments, threat modeling, and penetration testing using industry tools and frameworks.
• Implement and manage endpoint protection platforms, EDR, and SIEM systems (e.g., SentinelOne, Sophos, FortiSIEM, Microsoft Defender).
• Develop and enforce IT security policies, procedures, and awareness training programs.
• Coordinate incident response efforts and lead investigations, containment, and remediation.
• Manage firewall policies, VPN configurations, and access control across networks.
• Conduct security reviews of applications, systems, and infrastructure for compliance and best practices.
• Assist in client cybersecurity onboarding and provide expert advisory support to clients and internal teams.
• Stay current on evolving cyber threats, vulnerabilities, and regulatory compliance standards (e.g., POPIA, GDPR, ISO 27001).
• Document risks, controls, and maintain reports for audits and management dashboards.

Requirements

Preferred Qualifications

About Reflex

Established in 2000 in South Africa, Reflex has evolved from modest origins to become a distinguished provider of Information and Communication Technology (ICT) solutions. We specialise in delivering innovative ICT solutions across various industries, earning a sterling reputation for our excellence in the retail sector and beyond. With a robust network of partnerships, we pride ourselves on our ability to swiftly address the technological needs of our clients.

Our portfolio of ICT solutions spans various industries. ReflexCarrier understands what is needed to build, manage, and operate complex backbone networks simply. Our solutions are tailored for Fibre Network Operators (FNO), Internet Service Providers (ISPs), and those looking for comprehensive Managed Connectivity solutions.

On the other hand, our Enterprise Solutions take the complexity out of technology, allowing you to focus on what you do best. We provide seamless, high-performance solutions for connectivity, communications, workplace management, cloud, and cybersecurity services.

Together, both divisions reflect our core values of expertise, clarity, and client-centricity. We take pride in being large enough to offer extensive support while remaining small enough to provide personalised service. At Reflex, our clients are at the centre of everything we do, and we’re committed to delivering reliable, jargon-free solutions that drive your success.

The Cyber Security Consultant is responsible for assessing, designing, and implementing security measures to protect an organization's digital assets. They work closely with clients to identify vulnerabilities, develop security strategies, and ensure compliance with industry standards and regulations.

• Conduct Security Assessments: Evaluate the existing security measures of an organization and identify vulnerabilities and weaknesses.
• Develop Security Strategies: Create and implement effective security protocols, policies, and procedures to protect against cyber threats.
• Perform Penetration Testing: Conduct rigorous testing, including penetration testing, to simulate attacks and test the strength of security measures.
• Provide Technical Advice: Offer guidance and instruction on best practices for cybersecurity.
• Keep abreast of all aspects of cybersecurity: Keep up to date with the latest industry trends, threats, and security measures.
• Respond to Incidents: Lead the incident response process, investigating causes and recommending corrective actions.
• Train Staff: Educate staff on cybersecurity related principles, best practices and information security procedures.
• Create Reports: Develop and deliver comprehensive reports on findings and recommendations to management and stakeholders.
• Advise on Compliance: Ensure that security measures comply with relevant regulations and standards.

• 3-5 years of experience in cybersecurity or a related field.
• Original Equipment Manufacturer/Vendor technology certifications
• Strong understanding of security principles, risk management, and relevant technologies.
• Excellent communication and presentation skills, with the ability to explain complex technical concepts to non-technical audiences.
• Ability to work collaboratively with clients and internal teams.
• Strong problem-solving skills and attention to detail.
• A responsible individual who adopts a result driven approach.
• Ability to work well under pressure and meet tight deadlines.
• Positive attitude and a passion for the role.
• Strong leadership and management skills.
• Strong analytical and problem-solving skills.

• Perform log ingestion, define use cases, and create alerts for critical assets.
• Perform daily SIEM health checks and remediate accordingly.
• Monitor security alerts and events using various tools and technologies.
• Analyze and investigate security incidents to identify potential threats.
• Collaborate with team members to develop and implement effective monitoring strategies.
• Using IOCs and threat intelligence, perform threat hunting across environment.

• Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradiate and recovery from threats.
• Document and report incidents, ensuring accurate and comprehensive records.
• Follow established incident response procedures, playbooks and contribute to their enhancement.

• Manage and maintain endpoint security and EDR solutions.
• Perform daily health checks endpoint security and EDR solutions and remediate accordingly.
• Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
• Work with IT teams to ensure endpoint security configurations align with organizational standards.

• Assist in the identification and prioritization of vulnerabilities within the organization's infrastructure.
• Collaborate with system owners and IT teams to remediate identified vulnerabilities.
• Stay informed about the latest security threats and vulnerabilities.

• Monitor and analyze email traffic for potential security threats.
• Respond to and mitigate email-borne security incidents.
• Work with email security solutions to enhance protection against phishing and malware attacks.

• Relevant degree or advanced diploma in Computer Science, Information Systems, Business or related field, or equivalent combination of education/experience.
• One or more certifications in: EC-Council SOC, Security+, AWS Certifications, Microsoft Certifications, Google Certifications
• Must have 3-6 years' experience in a Cybersecurity related role.
• Practical experience with system monitoring SIEM, assessment, and reporting tools (ArcSight, IBM QRadar, Splunk, Sentinel, Exabeam, SIEMonster, AlientVault etc.)
• Practical experience with EDR and XDR tools.
• Proficiency in network security, operating systems, and security technologies.
• Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).
• Experience with Vulnerability and Malware Analysis (threat and attack analysis).
• Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, etc.).
• Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection
• Technology experience to be considered; Security+; Microsoft Security Certifications (MS-SC200); Azure Certifications, Recognised SOC certification

• Ability to work in independent environments under aggressive timelines.
• Ability to develop and maintain working relationships in a global environment.
• Excellent analytical and problem-solving skills
• Outstanding written skills for preparing reports and briefings.

• Communicates Effectively - conveys information and communicates ideas in a clear, concise and impactful manner
• Decision Quality - consistently makes timely, well-rounded and informed decisions
• Ensures Accountability - takes accountability and ensures others are held to account on agreed upon performance targets
• Manages Complexity - interprets and simplifies complex and contradictory information when resolving organisational problems
• Tech Savvy - leverages new technology to enhance productivity, improve problem solving, and support business growth

The ideal candidate will be responsible for protecting enterprise systems, networks, and client environments from internal and external threats. This role involves proactive threat detection, vulnerability assessments, incident response, and security architecture reviews across hybrid and cloud platforms.

· Monitor, analyze, and respond to security incidents across on-premises, cloud, and hybrid environments.

· Perform vulnerability assessments, threat modeling, and penetration testing using industry tools and frameworks.

· Implement and manage endpoint protection platforms, EDR, and SIEM systems (e.g., SentinelOne, Sophos, FortiSIEM, Microsoft Defender).

· Develop and enforce IT security policies, procedures, and awareness training programs.

· Coordinate incident response efforts and lead investigations, containment, and remediation.

· Manage firewall policies, VPN configurations, and access control across networks.

· Conduct security reviews of applications, systems, and infrastructure for compliance and best practices.

· Assist in client cybersecurity onboarding and provide expert advisory support to clients and internal teams.

· Stay current on evolving cyber threats, vulnerabilities, and regulatory compliance standards (e.g., POPIA, GDPR, ISO 27001).

· Document risks, controls, and maintain reports for audits and management dashboards.

· Minimum 4 years' experience in cybersecurity, network security, or information security roles.

· Proficiency in configuring and maintaining firewalls, EDR, SIEM, anti-virus, and threat detection systems.

· Hands-on experience with security audits, vulnerability scanners, and compliance frameworks.

· Understanding of TCP/IP, DNS, IDS/IPS, email security, and authentication protocols.

· Experience with Microsoft 365 and Azure security tools (Defender for Endpoint, Purview, Conditional Access).

· Ability to manage and respond to incidents under pressure with clear documentation and communication.

· Strong analytical, troubleshooting, and reporting skills.

· Relevant certifications such as CompTIA Security+, CEH, Microsoft SC-200/SC-300, or CISSP.

· Familiarity with MDR/XDR platforms and cybersecurity frameworks (NIST, MITRE ATT&CK).

· Experience supporting cybersecurity in an MSP or client-facing environment.

Join the dynamic and fast-paced world of Aculocity, a global technology consulting company dedicated to revolutionizing business processes through cutting-edge technology solutions. Since our formal inception in 2006 (and informal in 1999), we've been at the forefront of delivering tailor-made software development solutions, seamless software system implementations, powerful business intelligence, and innovative business process solutions.

As a proud member of the GVW Group, LLC portfolio of companies, we are a premier provider of technology services for GVW's extensive portfolio and a rapidly growing external client base. Join a team that is driving innovation and transforming businesses worldwide. Elevate your career with us at Aculocity.

Job Summary:

We seek an experienced Cybersecurity Analyst to join our team and enhance the cybersecurity posture of our global manufacturing, distribution, and software development operations. This role is based in South Africa and offers the opportunity to work flexible hours to overlap with the US-based Infrastructure and Security team to which this role will report. The successful candidate will be responsible for monitoring, analyzing, and responding to security incidents, ensuring compliance with industry standards, and proactively addressing emerging threats in a dynamic international environment. A customer-oriented ultimate team player is a must.

Key Responsibilities:

• Monitor and Analyze Security Incidents:
• Collaborate with the team to continuously monitor security alerts and events to identify potential threats and vulnerabilities.
• Work with security engineers to analyze security incidents, determine their impact, and develop appropriate response strategies.
• Support Implementation and Maintenance of Security Solutions:
• Assist in the design, implementation, and maintenance of security solutions, including firewalls, intrusion detection systems, and endpoint protection.
• Ensure alignment with business objectives and industry best practices.
• Collaborate with Cross-Functional Teams:
• Work closely with IT and business leaders to align security practices with organizational goals.
• Support secure manufacturing and business operations.
• Conduct Security Assessments and Audits:
• Perform regular security assessments and audits to identify vulnerabilities and ensure compliance with industry regulations (e.g., ISO 27001, NIST, GDPR).
• Develop risk mitigation strategies and oversee threat intelligence processes.
• Contribute to the Development and Implementation of Security Policies and Standards:
• Collaborate with the team to establish and enforce security policies, standards, and procedures to protect systems, data, and intellectual property.
• Provide expertise in incident response and drive continuous improvement post-incident.
• Training and Awareness:
• Develop and deliver cybersecurity training and awareness programs for employees.
• Promote a culture of security awareness across the organization.

Qualifications:

• Education: Bachelor's degree in Computer Science, Information Security, or related field (Master's preferred).
• Experience: 5+ years of experience in cybersecurity, with a focus on security monitoring, incident response, and vulnerability management.
• Certifications: Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are strongly preferred.
• Technical Skills: Expertise in security frameworks (e.g., NIST, ISO 27001), network and cloud security, incident response, threat intelligence, and security operations.
• Analytical Skills: Strong problem-solving and risk assessment skills, with an ability to manage complex projects and meet critical deadlines.
• Communication: Clear and effective communicator with the ability to present security topics to technical and non-technical audiences at all levels of the organization.

Why Join Us?

• Impact: Play a key role in securing the operations of an international manufacturing organization.
• Innovation: Drive and implement cutting-edge cybersecurity solutions in a dynamic industry.
• Growth: Benefit from continuous learning opportunities, professional development, and career growth.
• Collaborate: Join a unique and growing international team of IT professionals operating around the clock across three continents.
• Flexibility: We offer flexible work hours to collaborate closely with the US-based team.
• Global presence: We have work sites on four continents, with plans to expand further.