69 Cybersecurity Analyst jobs in South Africa

Company Description

Aspen TESS is Aspen's technology-enabled shared services business, established to partner in unlocking business value through digital innovation and process efficiency. By delivering cost-effective services and innovative solutions to Aspen business units globally, Aspen TESS will eliminate repetitive effort and use technology to optimize standardized processes. 

OBJECTIVE

The L1 Cybersecurity Analyst is an entry-level role within the Cybersecurity Operations team. This position is critical in supporting core security domains such as Vulnerability Management, Incident Response, Email and Internet Filtering, and Endpoint Security. The analyst will be responsible for performing daily operational security tasks, conducting routine system health checks, and responding to security incidents reported by the Security Operations Center (SOC). This role offers a growth opportunity into more advanced cybersecurity positions such as L2 Cybersecurity Analyst, SOC Analyst, or Cybersecurity Engineer, depending on performance and upskilling.

Below is a general description of the key responsibilities, qualifications, and skills needed for this role:

KEY RESPONSIBILITIES

Security Operations and Monitoring

• Support cybersecurity engineers in monitoring and maintaining the cybersecurity platforms.
• Perform daily system operational checks on security tools and infrastructure to ensure ongoing functionality and security posture.
• Monitor and report on phishing simulation outcomes to assess user awareness and improve training efforts.

Incident Response and Management

• Respond to Tier 1 security incidents and escalate complex cases to the respective business units for further investigation and closure.
• Aid in tracking the resolution of open security incidents and maintain accurate records within the incident management system.
• Document incidents, tasks, and operational processes accurately in ticketing systems to ensure traceability and knowledge sharing.

Vulnerability Management

• Assist with the identification and validation of vulnerabilities using tools like Qualys.
• Coordinate remediation efforts by working with appropriate teams to ensure timely resolution of identified vulnerabilities.

Compliance and Audit Support

• Collaborate with compliance teams to gather evidence for audits.
• Support internal security assessments by providing necessary documentation and assisting in the evaluation of controls.

SKILLS AND COMPETENCIES:

• Basic knowledge of:

  Network security fundamentals (firewalls, proxies, IP, DNS, etc.)

  Operating systems (Windows, Linux) and endpoint security principles

  Security incident and event monitoring (SIEM tools such as Microsoft Sentinel)

  Familiarity with vulnerability scanners and CVSS scoring.

• Basic scripting or query language skills (e.g., PowerShell, KQL) — a plus.
li>Excellent attention to detail and accuracy
• Effective verbal and written communication skills
• Ability to prioritize and manage multiple tasks
• Trustworthy and handles sensitive information with discretion

QUALIFICATIONS & EXPERIENCE

• Diploma or Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field (or equivalent practical experience)
• Industry certifications (preferred but not required):

    - CompTIA Security+

0–2 years of experience in IT or Cybersecurity operations

Managed Talent Solutions client in the mining sector is looking for a Information Security Analyst on a 12 month fixed term contract. Must have +6 years experience in conducting risk assessments that rely on outside penetration testing support and application of common Information Security Frameworks such as the ISO27000 series, SANS20, NIST and the ISF control framework.

POSITION INFO : Requirements :

• An undergraduate or postgraduate qualification in computer science, business informatics, / technology or equivalent Â
• Professional certifications and experience in Information Security from industry standard security frameworks : ISACA, BCS, CIPP, ITIL, Crest, ISC2, COMPTIA and key security vendors including Microsoft, Crowdstrike, Qualys, IBM.
• Must have experience in appliocation of Information Security frameworks such as the ISO27000 series, SANS20, NIST and the ISF control framework
• Conducting risk assessments that rely on outside penetration testing support
• Information security training and awareness concepts and delivery
• Incident response and crisis management concepts experience

 Key responsibilities :

• Support and monitor cybersecurity initiatives and controls in the region
• Collaborate with regional IT and security teams to implement security measures and protocols
• Conduct security assessments and risk analyses for regional assets and systems
• Facilitate security awareness training for regional employees
• Respond to and investigate security incidents in the region
• Stay updated with regional cybersecurity regulations and compliance requirements

Security Analyst • Johannesburg, South Africa

Managed Talent Solutions client in the mining sector is looking for a Information Security Analyst on a 12-month fixed-term contract. Must have more than 6 years of experience in conducting risk assessments that rely on outside penetration testing support and application of common Information Security Frameworks such as the ISO27000 series, SANS20, NIST, and the ISF control framework.

Requirements:

• An undergraduate or postgraduate qualification in computer science, business informatics, engineering/technology, or equivalent.
• Professional certifications and experience in Information Security from industry-standard security frameworks: ISACA, BCS, CIPP, ITIL, Crest, ISC2, COMPTIA, and key security vendors including Microsoft, Crowdstrike, Qualys, IBM.
• Experience in application of Information Security frameworks such as the ISO27000 series, SANS20, NIST, and the ISF control framework.
• Experience in conducting risk assessments that rely on outside penetration testing support.
• Knowledge of information security training and awareness concepts and delivery.
• Experience with incident response and crisis management concepts.

Key responsibilities:

• Support and monitor cybersecurity initiatives and controls in the region.
• Collaborate with regional IT and security teams to implement security measures and protocols.
• Conduct security assessments and risk analyses for regional assets and systems.
• Facilitate security awareness training for regional employees.
• Respond to and investigate security incidents in the region.
• Stay updated with regional cybersecurity regulations and compliance requirements.

OpsArmy St. George's, Saint George, Grenada

Join to apply for the Information Security Analyst | Grenada | Remote role at OpsArmy

OpsArmy St. George's, Saint George, Grenada

1 week ago Be among the first 25 applicants

Join to apply for the Information Security Analyst | Grenada | Remote role at OpsArmy

Get AI-powered advice on this job and more exclusive features.

Information Security Analyst (Sales Enablement Focus)

Fully Remote | Full-Time

Schedule: Monday - Friday, 11:00 AM - 7:00 PM EST

Apply here: The Role

Were looking for an Information Security Analyst with a Sales Enablement focus to drive our customer trust efforts by owning security questionnaires, RFPs, and related documentation. This role connects Information Security with Sales, Legal, and Product teams to ensure timely, accurate, and compelling responses that reflect our security posture.

Key Responsibilities

• Own and complete customer security questionnaires, including SIG, CAIQ, VSA, and custom formats.
• Respond to security-related RFPs and RFIs, ensuring submissions are accurate, timely, and aligned with company policies.
• Collaborate cross-functionally with Sales, Legal, Product, and Engineering to gather and validate responses.
• Maintain and proactively update a repository of security documentation and standard answers.
• Act as a subject matter expert on the company's security posture, controls, and certifications (e.g., SOC 2, ISO 27001).
• Develop scalable processes, templates, and documentation to streamline future submissions.
• Liaise with prospective customers and InfoSec during security assessments and reviews.
• Identify trends in customer inquiries to inform internal roadmaps and improve external communications.
  
  
  

• Experience in Information Security, Risk, Compliance, or a related role preferably in SaaS or B2B tech.
• Hands-on experience completing security questionnaires or contributing to RFP/RFI processes.
• Strong understanding of security controls, compliance frameworks, and risk management.
• Excellent written and verbal communication skills, with the ability to explain complex topics clearly.
• Detail-oriented with strong organizational and project management skills.
• Familiarity with tools like OneTrust, Whistic, or Vanta is a plus.
  
  
  

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology
• Industries Technology, Information and Internet

Referrals increase your chances of interviewing at OpsArmy by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

A Security Engineer is a crucial member of an organization’s IT team, specializing in safeguarding digital assets and maintaining the security posture of the company. They work to design, implement, and manage security measures to protect against cyber threats, unauthorized access, and data breaches.

Key Responsibilities:

Security Infrastructure Design:

• Design and implement security infrastructure, including firewalls, intrusion detection systems, and encryption protocols.
• Evaluate and recommend security products and technologies to enhance the organization’s security posture.

Incident Response and Monitoring:

• Monitor network traffic for suspicious activity and potential security breaches.
• Develop and maintain incident response plans and procedures to mitigate security incidents.
• Investigate security incidents, determine the root cause, and implement corrective actions.

Vulnerability Assessment and Penetration Testing:

• Conduct regular security assessments to identify vulnerabilities in systems and applications.
• Perform penetration tests to simulate cyberattacks and assess the organization’s readiness.

Access Control and Authentication:

• Manage user access controls and authentication mechanisms.
• Implement and maintain multi-factor authentication (MFA) solutions.

Security Policies and Compliance:

• Develop and enforce security policies, standards, and procedures.
• Ensure compliance with industry regulations (e.g., GDPR, HIPAA, PCI DSS) and best practices.

Security Awareness and Training:

• Conduct security awareness programs and training for employees.
• Keep the organization informed about emerging threats and security best practices.

Security Patch Management:

• Manage and coordinate the timely installation of security patches and updates.
• Maintain an inventory of software and hardware assets.

Encryption and Data Protection:

• Implement encryption mechanisms to protect sensitive data at rest and in transit.
• Ensure the confidentiality and integrity of data through encryption and access controls.

Qualifications:

• Bachelor’s degree in computer science, information security, or a related field (or equivalent experience).
• Relevant industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), or equivalent.
• Proven experience in information security roles, including network security, system security, or application security.
• Strong knowledge of security technologies, protocols, and tools.
• Understanding of risk management principles and methodologies.
• Proficiency in scripting and programming languages (e.g., Python, PowerShell) for automation and analysis.
• Familiarity with cloud security concepts (e.g., AWS, Azure, Google Cloud).
• Excellent problem-solving and analytical skills.
• Effective communication and teamwork abilities.

Preferred Skills:

• Experience with security information and event management (SIEM) systems.
• Knowledge of threat intelligence and threat hunting techniques.
• Experience with secure coding practices and application security assessments.
• Familiarity with network and web application firewalls.
• Understanding of security-related regulations and compliance standards.
• Security Engineers typically work in an office environment but may need to respond to security incidents outside regular business hours.
• The role may involve occasional travel to remote offices or data centers.

Security Engineers play a pivotal role in maintaining the confidentiality, integrity, and availability of an organization’s information assets. They are instrumental in protecting against cyber threats and ensuring compliance with industry regulations and security best practices.

Company Description

Standard Bank Group is a leading Africa-focused financial services group and an innovative player on the global stage. We offer a variety of career-enhancing opportunities and the chance to work alongside talented, motivated professionals. Our clients range from individuals to businesses of all sizes, high net worth families, and large multinational corporates and institutions. We are passionate about creating growth in Africa, bringing meaningful value to our clients and communities, and creating a sense of purpose for our employees.

Job Description

To implement the Group Cyber Resilience strategy by securing platforms, ecosystems, and third-party integrations; protecting sensitive data, applications, and infrastructure from infiltration or misuse; guiding security capabilities in client segments and solutions. Facilitate security services ensuring policies, standards, and controls are embedded to prevent losses and ensure regulatory compliance. Educate employees about their InfoSec responsibilities.

• Alert responsible stakeholders of non-compliance with Cyber Resilience Policies and Standards, and collaborate on remediation plans and solutions.
• Assess information security maturity scores, guide implementation for awareness and prioritization, and monitor compliance with standards.
• Collaborate with feature teams, product owners, architecture, IT, vendors, and other stakeholders to investigate risk controls.
• Work with threat intelligence, cybersecurity, security engineering, and other risk functions to develop and maintain a holistic security strategy and remediation plans.
• Communicate and raise awareness of policies within business, technology, and risk communities.

Qualifications

• Degree in Business, Commerce, Information Technology, or Risk Management (minimum)
• Post Graduate Degree in Business, Commerce, or Information Technology (preferred)

Experience Required: Cyber Security

• 5-7 years in an information security or audit role within banking or financial services. Experience with multi-vendor, outsourced, and multi-system IT environments.
• 5-7 years of knowledge and experience with implementing and managing information security policies and frameworks in a corporate environment. Management experience with diverse teams.
• 5-7 years of strong IT understanding, insights into digital and platform operating models, and current cybersecurity trends and solutions.

Behavioural Competencies:

• Adopting Practical Approaches
• Articulating Information
• Checking Things
• Directing People
• Examining Information

Technical Competencies:

• Benefits Management
• Information Security
• Internal & External IT Environment
• IT Risk Management
• Knowledge of Banking & Financial Services

A highgrowth fintech backed by global investors is building worldclass payment infrastructure across Africa. The company helps global brands succeed in South Africa by reducing payment friction increasing reliability and ensuring regulatory compliance.

Their clients include leading enterprises and globally recognised brands. With scale and security at the heart of their mission theyre shaping how the world does business on the continent.

Role Overview

As the Information Security Officer you will lead the companys information security function as it grows its enterprise and global client base. Youll design and implement fitforpurpose security strategies that support compliance protect data and enable innovation in a fastpaced environment.

Reporting to the VP of Engineering this crossfunctional role supports engineering compliance operations and leadership teams.

Key Responsibilities

• Own and maintain the information security roadmap and risk register
• Implement security policies across infrastructure applications and endpoints
• Support teams in embedding securitybydesign into the SDLC
• Lead compliance audits and assessments (e.g. PCIDSS ISO 27001 SOC 2)
• Coordinate vulnerability assessments penetration testing and risk modelling
• Develop and maintain incident response procedures
• Promote security awareness across the organisation
• Manage internal IT security needs (cloud MDM Google Workspace password policies)
• Support client security reviews and enterprise procurement processes
• Stay informed on relevant threats and regulatory changes

Challenges Youll Tackle

Ideal Candidate Profile

Required Experience :

Unclear Seniority

Key Skills

International Development,Information Systems,Community,Information Technology Sales,Corporate Recruitment

Employment Type : Contract

Experience : years

Vacancy : 1

Our client, a leading financial services firm, is seeking an Information Security Consultant to join their team on a permanent basis.

• Security Auditing
• Responsible for Security tools monitoring
• Network experience (TCP/IP, Firewalls, IPS, NAC)
• Operating System management and Hardening
• Anti-Virus System management and Configuration
• Logical Access Management
• Vulnerability Management

• Matric and an Information Technology diploma or degree qualification
• 4+ years experience in the field

Salary: Market Related

The KPMG Africa Information Security Specialist is responsible for ensuring the confidentiality, integrity, and availability of all systems across KPMG Africa offices (South Africa, Botswana, Mauritius, Mozambique, Namibia, Zambia, Zimbabwe, Nigeria, Ghana, Kenya, Uganda, Tanzania, and Rwanda). The role involves actively managing and monitoring information security systems to detect, respond to, and remediate security risks and threats across the infrastructure.

4. Position Specifications

Educational Requirements (minimum necessary to perform the job):

• Professional / Tertiary qualification

Other Requirements:

Experience (minimum necessary):

Desired Qualifications and Experience:

• 3-5 years' experience in Information Technology Support or Information Security, including Microsoft Azure
• Industry-recognized certifications such as A+, N+, Security+, CySA+, and Cloud Security certifications like:

o Microsoft Certified: Security Operations Analyst Associate

o Microsoft Certified: Information Protection and Compliance Administrator Associate

o Microsoft Certified: Security, Compliance, and Identity Fundamentals

o Microsoft Certified: Identity & Access Management

o Microsoft Certified: Azure Security Engineer

• Professional certifications such as CISM, CISSP, ECIH are preferred but not required
• Strong knowledge of information security and cloud security concepts
• Experience in identifying, analyzing, and reporting on security risks and incidents
• Experience with security tools such as Qualys, Microsoft Defender Endpoint, Microsoft Sentinel, etc.
• Ability to evaluate vulnerabilities, develop mitigation strategies, and implement remediation
• Strong knowledge of operating systems, Microsoft Servers, Active Directory, and network protocols and technologies

5. Core Competencies:

• Attention to detail and accurate documentation
• Analytical skills to interpret information
• Ability to work independently and in a team
• Organizational and prioritization skills under pressure

6. Key Responsibilities & KPIs

Main Responsibilities:

• Monitoring incident response channels
• Executing the Information Security Incident Management Process and escalating high-priority issues
• Tracking and escalating open incidents
• Producing weekly and quarterly reports for the CISO on incident status and trends

Security Systems Configuration and Management:

• Daily monitoring of security systems to ensure proper functioning
• Configuration and management of security tools such as vulnerability, privileged access, and log management systems
• Reconciliation of assets to ensure coverage of security systems
• Reporting and issue resolution support for operational teams

Patch Management Monitoring:

• Monitoring patch management performance and identifying risks
• Addressing challenges to compliance

Threat and Event Monitoring:

• Detecting and escalating security threats and events

Vulnerability Management:

• Monitoring vulnerabilities daily
• Monthly asset reconciliation
• Managing vulnerability remediation with owners
• Supporting penetration testing activities

Supporting NITSO projects and other initiatives as required.