80 Cybersecurity Analyst jobs in South Africa

Key Responsibilities: Security Monitoring Perform log ingestion, define use cases, and create alerts for critical assets. Perform daily SIEM health checks and remediate accordingly. Monitor security alerts and events using various tools and technologies. Analyze and investigate security incidents to identify potential threats. Collaborate with team members to develop and implement effective monitoring strategies. Using IOCs and threat intelligence, perform threat hunting across environment. Incident Response Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradiate and recovery from threats. Document and report incidents, ensuring accurate and comprehensive records. Follow established incident response procedures, playbooks and contribute to their enhancement. End Point Protection Manage and maintain endpoint security and EDR solutions. Perform daily health checks endpoint security and EDR solutions and remediate accordingly. Conduct regular scans and assessments to identify and mitigate potential vulnerabilities. Work with IT teams to ensure endpoint security configurations align with organizational standards. Vulnerability Management Assist in the identification and prioritization of vulnerabilities within the organization's infrastructure. Collaborate with system owners and IT teams to remediate identified vulnerabilities. Stay informed about the latest security threats and vulnerabilities. Email Security Monitor and analyze email traffic for potential security threats. Respond to and mitigate email-borne security incidents. Work with email security solutions to enhance protection against phishing and malware attacks. Qualifications and Experience: Relevant degree or advanced diploma in Computer Science, Information Systems, Business or related field, or equivalent combination of education/experience. One or more certifications in: EC-Council SOC, Security+, AWS Certifications, Microsoft Certifications, Google Certifications Must have 3-6 years' experience in a Cybersecurity related role. Practical experience with system monitoring SIEM, assessment, and reporting tools (Arc Sight, IBM QRadar, Splunk, Sentinel, Exabeam, SIEMonster, Alient Vault etc.) Practical experience with EDR and XDR tools. Proficiency in network security, operating systems, and security technologies. Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux). Experience with Vulnerability and Malware Analysis (threat and attack analysis). Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, etc.). Knowledge of Cloud Security Operations (Saa S, Paa S, Iaa S), Mobile Architecture, Network and Application Security and/or Data Protection Technology experience to be considered; Security+; Microsoft Security Certifications (MS-SC200); Azure Certifications, Recognised SOC certification Skills: Ability to work in independent environments under aggressive timelines. Ability to develop and maintain working relationships in a global environment. Excellent analytical and problem-solving skills Outstanding written skills for preparing reports and briefings. Behaviours: Communicates Effectively - conveys information and communicates ideas in a clear, concise and impactful manner Decision Quality - consistently makes timely, well-rounded and informed decisions Ensures Accountability - takes accountability and ensures others are held to

Company Description

Aspen TESS is Aspen's technology-enabled shared services business, established to partner in unlocking business value through digital innovation and process efficiency. By delivering cost-effective services and innovative solutions to Aspen business units globally, Aspen TESS will eliminate repetitive effort and use technology to optimize standardized processes. 

OBJECTIVE

The L1 Cybersecurity Analyst is an entry-level role within the Cybersecurity Operations team. This position is critical in supporting core security domains such as Vulnerability Management, Incident Response, Email and Internet Filtering, and Endpoint Security. The analyst will be responsible for performing daily operational security tasks, conducting routine system health checks, and responding to security incidents reported by the Security Operations Center (SOC). This role offers a growth opportunity into more advanced cybersecurity positions such as L2 Cybersecurity Analyst, SOC Analyst, or Cybersecurity Engineer, depending on performance and upskilling.

Below is a general description of the key responsibilities, qualifications, and skills needed for this role:

KEY RESPONSIBILITIES

Security Operations and Monitoring

• Support cybersecurity engineers in monitoring and maintaining the cybersecurity platforms.
• Perform daily system operational checks on security tools and infrastructure to ensure ongoing functionality and security posture.
• Monitor and report on phishing simulation outcomes to assess user awareness and improve training efforts.

Incident Response and Management

• Respond to Tier 1 security incidents and escalate complex cases to the respective business units for further investigation and closure.
• Aid in tracking the resolution of open security incidents and maintain accurate records within the incident management system.
• Document incidents, tasks, and operational processes accurately in ticketing systems to ensure traceability and knowledge sharing.

Vulnerability Management

• Assist with the identification and validation of vulnerabilities using tools like Qualys.
• Coordinate remediation efforts by working with appropriate teams to ensure timely resolution of identified vulnerabilities.

Compliance and Audit Support

• Collaborate with compliance teams to gather evidence for audits.
• Support internal security assessments by providing necessary documentation and assisting in the evaluation of controls.

SKILLS AND COMPETENCIES:

• Basic knowledge of:

  Network security fundamentals (firewalls, proxies, IP, DNS, etc.)

  Operating systems (Windows, Linux) and endpoint security principles

  Security incident and event monitoring (SIEM tools such as Microsoft Sentinel)

  Familiarity with vulnerability scanners and CVSS scoring.

• Basic scripting or query language skills (e.g., PowerShell, KQL) — a plus.
li>Excellent attention to detail and accuracy
• Effective verbal and written communication skills
• Ability to prioritize and manage multiple tasks
• Trustworthy and handles sensitive information with discretion

QUALIFICATIONS & EXPERIENCE

• Diploma or Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field (or equivalent practical experience)
• Industry certifications (preferred but not required):

    - CompTIA Security+

< >    - Microsoft SC-200 (Security Operations Analyst)

< >    - Cisco CyberOps Associate

< >    - Fortinet NSE1–NSE3 or equivalent

0–2 years of experience in IT or Cybersecurity operations

Cybersecurity Vulnerability Analyst page is loadedCybersecurity Vulnerability Analyst Apply remote type Hybrid locations Cape Town time type Full time posted on Posted Yesterday job requisition id JR10573

Kick-start your career in the online gaming world and experience the very latest in technology and innovation.

Who we are

We’re part of Super Group, the NYSE-listed digital gaming company behind some of the world’s leading Sports and iGaming brands.

At DigiOutsource, we bring passionate people and innovative tech together to create market-leading online gaming solutions. Our multidisciplinary teams are passionate about products, customer experience and security. We’re empowered to achieve the ultimate in high-performance gaming experiences using the best technology available.

Who we’re looking for

We’re on a thrilling journey of growth and innovation, and we need passionate, driven individuals to join us. At DigiOutsource, every day is action-packed, and we expect you to bring your A-game. In return, you’ll find a supportive environment where your skills can flourish and your career can soar.

Ready to become a game-changer? Supercharge your career with us and be part of something extraordinary.

Why we need you

We’re on a mission to create extraordinary experiences for our customers, and we believe that your unique skills, passion and superdrive will help us achieve our vision.

As a Vulnerability Management Analyst, you’ll be supporting the delivery of repeatable, automated and scalable vulnerability management systems and processes, covering windows, linux, 3rd party software and cloud services. This will help us excel by keeping systems modern and secure to stay ahead of the game.

What you’ll be doing

As part of your role, your responsibilities will include:

• Identify, assess and prioritize resolution of vulnerabilities based on risk and known exploits
• Design, implement and maintain robust automated vulnerability detection and remediation processes, including ensuring required scheduled network and system scans are run.
• Review current security controls and compensating mitigation controls for vulnerabilities
• Maintain detailed plans and documentation on vulnerabilities and remediation schedules
• Generate and deliver comprehensive monthly vulnerability management reports, providing insights into risk exposure, remediation progress, and trends. These reports will highlight critical vulnerabilities, compliance status, and risk prioritization to support informed decision-making by key stakeholders
• Ensure adherence to regulations including ISO27001:2022 and Sarbanes-Oxley
• Keep up to date with the latest Tactics, Techniques and procedures and associated risks and attack vectors
• Effective collaboration with technology teams to resolve identified vulnerabilities
• Managing a Configuration Management Database (CMDB) to ensure accurate system inventory and asset relationships, correlating vulnerabilities to affected systems, and collaborating with internal teams to remediate security risks.

This job description is not intended to be an exhaustive list of responsibilities. You may be required to complete other reasonable duties in order to achieve business objectives.

Essential skills you’ll bring to the table

The necessary skills that we require for this role include:

• Strong verbal and written communication skills, with the ability to convey complex ideas clearly and effectively
• Experience working collaboratively in cross-functional teams, with a focus on achieving shared goals
• Expertise in managing multiple projects simultaneously, with a track record of delivering on time and within scope
• Exceptional attention to detail, ensuring high standards of quality in all outputs
• Ability to adapt quickly to changing environments and priorities, maintaining effectiveness in dynamic situations
• CompTia Security+ Certification or other equivalent certificates
• Experience implementing and operating vulnerability scanning solutions, such as Nessus or Qualys
• Experience with Microsoft XDR, Microsoft Endpoint Manager and other Microsoft cloud technologies.
• Experience with Automation using Terraform and Ansible
• Strong understanding of operating systems, including Windows, Linux and MacOS

Desirable skills you’ve got up your sleeve

It would be great if you also have some of the following skills:

• Microsoft SC-200 Certification
• Familiarity in using Kusto query language
• Scripting languages such as PowerShell and Bash
• Strong planning and organizing skills
• Self-motivated and results-oriented
• Curiosity and a continued learning mentality
• Passion for automation and modernization

Our values are non-negotiables

Our culture is underpinned by core values that are linked to key behavioural competencies. Along with the below behavioural competencies, these are essential for all employees in order for you to embed in and drive our culture forward.

These competencies are:

• Adaptability
• Ownership and accountability
• Initiating action
• Resilience
• Team orientation
• Integrity
• Innovation

What you’ll get back

We offer a great variety of personal and professional benefits to help you thrive at DigiOutsource and Super Group. This includes:

• We’re dedicated to your supergrowth. Our comprehensive learning and development programmes give you a range of resources and opportunities to expand your skills and advance your career.
• Your hard work and achievements won’t go unnoticed. Our innovative Performance Tool ensures you receive regular, constructive feedback, helping you to continuously improve and reach your full potential.
• Our Employee Assistance programme offers a variety of benefits which you and your family can benefit from.
• Free Daily Meal
• Free Massages On-site
• Free On-Site Gym
• Group Life Cover
• Funeral Fund Benefit
• Financial Services Assistance
• Curro School Fees Benefit
• Income Continuation Benefit
• Leadership Training
• Referral Bonus
• Medical Aid Subsidy
• Free Sleep Coaching
• On-site Barista
• Retirement Annuity Subsidy
• Team socials

Be part of that Superclass feeling.

At Super Group, diversity is part of our DNA. With teams across 16 countries, 85 nationalities, and 20 languages, we take equal opportunities seriously, championing a supportive, inclusive and empowering environment wherever you are in the Group.

It’s all about putting your experience first and ensuring honesty and fairness in all we do.
Here, your growth is supported and your contributions valued.

Game on!

*Please note we will apply relevance to our Talent Management and Talent Development Programme as part of our recruitment process.

*Shortlisted candidates may need to complete an assessment.

This position requires trust and honesty it has access to customers financial details - therefore a credit and criminal record check will be conducted. The qualifications identified herein are an inherent job requirement; therefore, a qualification verification check will be done. By applying for this role, and supplying the necessary details, you hereby grant us permission to apply for these checks. This will be done in a confidential manner, and solely for the purposes of verification.

Should you not hear from us within 2 weeks, please deem your application as unsuccessful.

The perfect place to work, play and grow!

#J-18808-Ljbffr

Cybersecurity Vulnerability Analyst page is loadedCybersecurity Vulnerability Analyst Apply remote type Hybrid locations Cape Town time type Full time posted on Posted Yesterday job requisition id JR10573Kick-start your career in the online gaming world and experience the very latest in technology and innovation. Who we are We’re part of Super Group, the NYSE-listed digital gaming company behind some of the world’s leading Sports and i Gaming brands. At Digi Outsource, we bring passionate people and innovative tech together to create market-leading online gaming solutions. Our multidisciplinary teams are passionate about products, customer experience and security. We’re empowered to achieve the ultimate in high-performance gaming experiences using the best technology available. Who we’re looking for We’re on a thrilling journey of growth and innovation, and we need passionate, driven individuals to join us. At Digi Outsource, every day is action-packed, and we expect you to bring your A-game. In return, you’ll find a supportive environment where your skills can flourish and your career can soar. Ready to become a game-changer? Supercharge your career with us and be part of something extraordinary. Why we need you We’re on a mission to create extraordinary experiences for our customers, and we believe that your unique skills, passion and superdrive will help us achieve our vision. As a Vulnerability Management Analyst, you’ll be supporting the delivery of repeatable, automated and scalable vulnerability management systems and processes, covering windows, linux, 3rd party software and cloud services. This will help us excel by keeping systems modern and secure to stay ahead of the game.What you’ll be doing As part of your role, your responsibilities will include: Identify, assess and prioritize resolution of vulnerabilities based on risk and known exploits Design, implement and maintain robust automated vulnerability detection and remediation processes, including ensuring required scheduled network and system scans are run. Review current security controls and compensating mitigation controls for vulnerabilities Maintain detailed plans and documentation on vulnerabilities and remediation schedules Generate and deliver comprehensive monthly vulnerability management reports, providing insights into risk exposure, remediation progress, and trends. These reports will highlight critical vulnerabilities, compliance status, and risk prioritization to support informed decision-making by key stakeholders Ensure adherence to regulations including ISO27001:2022 and Sarbanes-Oxley Keep up to date with the latest Tactics, Techniques and procedures and associated risks and attack vectors Effective collaboration with technology teams to resolve identified vulnerabilities Managing a Configuration Management Database (CMDB) to ensure accurate system inventory and asset relationships, correlating vulnerabilities to affected systems, and collaborating with internal teams to remediate security risks. This job description is not intended to be an exhaustive list of responsibilities. You may be required to complete other reasonable duties in order to achieve business objectives. Essential skills you’ll bring to the table The necessary skills that we require for this role include: Strong verbal and written communication skills, with the ability to convey complex ideas clearly and effectively Experience working collaboratively in cross-functional teams, with a focus on achieving shared goals Expertise in managing multiple projects simultaneously, with a track record of delivering on time and within scope Exceptional attention to detail, ensuring high standards of quality in all outputs Ability to adapt quickly to changing environments and priorities, maintaining effectiveness in dynamic situations Comp Tia Security+ Certification or other equivalent certificates Experience implementing and operating vulnerability scanning solutions, such as Nessus or Qualys Experience with Microsoft XDR, Microsoft Endpoint Manager and other Microsoft cloud technologies. Experience with Automation using Terraform and Ansible Strong understanding of operating systems, including Windows, Linux and Mac OS Desirable skills you’ve got up your sleeve It would be great if you also have some of the following skills: Microsoft SC-200 Certification Familiarity in using Kusto query language Scripting languages such as Power Shell and Bash Strong planning and organizing skills Self-motivated and results-oriented Curiosity and a continued learning mentality Passion for automation and modernization Our values are non-negotiables Our culture is underpinned by core values that are linked to key behavioural competencies. Along with the below behavioural competencies, these are essential for all employees in order for you to embed in and drive our culture forward. These competencies are: Adaptability Ownership and accountability Initiating action Resilience Team orientation Integrity Innovation What you’ll get back We offer a great variety of personal and professional benefits to help you thrive at Digi Outsource and Super Group. This includes: We’re dedicated to your supergrowth. Our comprehensive learning and development programmes give you a range of resources and opportunities to expand your skills and advance your career. Your hard work and achievements won’t go unnoticed. Our innovative Performance Tool ensures you receive regular, constructive feedback, helping you to continuously improve and reach your full potential. Our Employee Assistance programme offers a variety of benefits which you and your family can benefit from. Free Daily Meal Free Massages On-site Free On-Site Gym Group Life Cover Funeral Fund Benefit Financial Services Assistance Curro School Fees Benefit Income Continuation Benefit Leadership Training Referral Bonus Medical Aid Subsidy Free Sleep Coaching On-site Barista Retirement Annuity Subsidy Team socials Be part of that Superclass feeling. At Super Group, diversity is part of our DNA. With teams across 16 countries, 85 nationalities, and 20 languages, we take equal opportunities seriously, championing a supportive, inclusive and empowering environment wherever you are in the Group. It’s all about putting your experience first and ensuring honesty and fairness in all we do.Here, your growth is supported and your contributions valued. Game on! *Please note we will apply relevance to our Talent Management and Talent Development Programme as part of our recruitment process. *Shortlisted candidates may need to complete an assessment. This position requires trust and honesty it has access to customers financial details - therefore a credit and criminal record check will be conducted. The qualifications identified herein are an inherent job requirement; therefore, a qualification verification check will be done. By applying for this role, and supplying the necessary details, you hereby grant us permission to apply for these checks. This will be done in a confidential manner, and solely for the purposes of verification. Should you not hear from us within 2 weeks, please deem your application as unsuccessful. The perfect place to work, play and grow! #J-18808-Ljbffr

To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks. Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures. To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.

Job Responsibilities

• We are looking for a suitable resource with general network security or web security experience to alleviate work pressures on our current team members
• Experience with Email and Web Proxies
• DNS Security knowledge
• Experience with Microsoft O365
• Assist with support of current email and web security tasks
• Liaise with other teams to promote good security practices and explain security procedures
• Experience with Security Technologies
• Building relationships with I&O Teams
• Oversee the implementation of the information security changes and check for the short comings and risks.
• Interpret MIS and system logs/ reports with the view to analyse and correct any deviations against standards and best practices.
• Participate in the implementation of new products as provided in the selection criteria.
• Act as the 1st point of problem resolution for non routine incidents and 1st line support for problems.
• Ensure compliance to standards and practises by familiarizing and keeping abreast of information security policies, rules, standards and processes, procedures and practices as well as business rules.
• Document and maintain all relevant processes and procedures mindful of current policies and standards.
• Create and maintain information security standards.
• Oversee and monitor the information security environment according to set standards.
• Review and contribute to project documentation including business requirements, designs and implementation.
• Create design documentation according to relevant standards and practices
• Implement specific Information security technologies.
• Gain further exposure and experience on multiple technologies by job shadowing Information Security analysts III and Technical Specialist.
• Log submit and implement low, medium and high risk changes independently.
• Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
• Oversee and ensure change was successful in certain cases and when required perform unit testing.
• Oversee and ensure back-ups are done, documents are stored and statuses updated.
• Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
• Monitor and action Service Manager low, medium and high impact incidents and e-mails related to Information Security.
• Ensure job related tasks and processes are in place.
• Ensure that the logging and submitting of all relevant incidents have taken place and resolve low, medium and high incidents.
• Conduct risk and root cause analyses around exceptions, queries, incidents as per operational procedures with the relevant internal and external stakeholders and provide feedback, confirm stakeholder satisfaction.
• Keep abreast of legislation and other industry changes that impacts on role by reading the relevant newsletters, websites and attending sessions.
• Improve personal capability and to stay abreast of developments in field of expertise by identify training courses and career progression opportunities for self through input and feedback from managers.
• Ensure information is provided correctly to stakeholders by maintaining knowledge sharing knowledge with team.

Overview

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level - thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS
• Evaluates and selects security technologies, tools, and frameworks to support the organization's security
• Define portfolio vision and reusable security patterns aligned with the EA strategy
• Lead architecture reviews for high-risk projects, driving recommendations to resolution
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS
• Manage security architects and mentor engineers, developers, and vendors

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture
• Teamwork and Energy - work across different functional and business teams with effective collaboration
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF)

Requirements

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business
• Good experience in security architecture design in Cloud and on-prem
• Design and implementation of IOT, endpoint protection, and secure IAM
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling

Seniority level

• Mid-Senior level

Employment type

• Contract

Job function

• Information Technology

Industries

• IT Services and IT Consulting

#J-18808-Ljbffr

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.

#J-18808-Ljbffr

Overview

Welcome to FNB, the home of the #changeables. We design for the shapeshifters and deliver products and services that make us incredibly proud of people that make it happen. As part of our talented team, you will be surrounded by unique talents, diverse minds, and an adaptable environment that lives up to the promise of staying curious. Now’s the time to imagine your potential in a team where experts come together and ignite effective change.

Responsibilities

• To assist in identifying, defining and maintaining the information security policy and baseline standards.


• Deliver exceptional service that exceeds customers’ expectations through proactive, innovative and appropriate solutions.


• Cultivate and manage objective working relationships with a variety of stakeholders, including end-users, SME’s, project managers and senior staff members by providing expert advice and consulting on all aspects of IT security.


• Support IT Security leaders to participate in the FirstRand

Information Security Administrator page is loaded# Information Security Administratorlocations: Johannesburgtime type: Full timeposted on: Posted Todaytime left to apply: End Date: September 6, 2025 (9 days left to apply)job requisition id: R38727# **Job Description**Hello Future Information Security Administrator Welcome to FNB, the home of the #changeables. We design for the shapeshifters and deliver products and services that make us incredibly proud of people that make it happen. As part of our talented team, you will be surrounded by unique talents, diverse minds, and an adaptable environment that lives up to the promise of staying curious. Now’s the time to imagine your potential in a team where experts come together and ignite effective change. . To assist in identifying, defining and maintaining the information security policy and baseline standards**Are you someone who can:*** Deliver exceptional service that exceeds customers’ expectations through proactive, innovative and appropriate solutions.* Cultivate and manage objective working relationships with a variety of stakeholders, including end-users, SME’s, project managers and senior staff members by providing expert advice and consulting on all aspects of IT security.* Support IT Security leaders to participate in the FirstRand