15 Incident Response jobs in Johannesburg

Overview

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Senior Information Security Incident Response Analyst is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts.

The Senior Information Security Incident Response uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.

Key responsibilities

• Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
• Performs access management activities according to the policy.
• Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses.
• Interacts with a global team of Cyber Security Analysts and specialists.
• Manages 2nd level triaging of security alerts, events, and notifications.
• Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees.
• Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
• Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
• Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
• Maintains an understanding of current and emerging threats, vulnerabilities, and trends.

To thrive in this role, you need to have

• Advanced understanding of End Point Protection Software.
• Advanced understanding of Enterprise Detection and Response software.
• Advanced knowledge of technological advances within the information security arena.
• Advanced understanding of inter-relationships in an overall system or process.
• Advanced knowledge of information security management and policies.
• Advanced understanding risk management principles and frameworks is crucial for prioritizing and addressing security incidents
• Advanced understanding of the organization's business operations, goals, and objectives enables the analyst to align incident response efforts with the broader business strategy.
• Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response.
• Ability to think critically, analyze information, and solve medium to complex problems.

Academic qualifications and certifications

• Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred.
• SANS GIAC Security Essentials (GSEC) or equivalent preferred.
• SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
• SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred

Required experience

• Advanced experience in a Technology Information Security Industry.
• Advanced experience or knowledge of SIEM and IPS technologies.
• Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.

Workplace type: Hybrid Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Third parties fraudulently posing as NTT DATA recruiters

NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.

#J-18808-Ljbffr

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Senior Information Security Incident Response Analyst is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).
This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts.
The Senior Information Security Incident Response uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.
**Key responsibilities:**
+ Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
+ Performs access management activities according to the policy.
+ Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses.
+ Interacts with a global team of Cyber Security Analysts and specialists.
+ Manages 2nd level triaging of security alerts, events, and notifications.
+ Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees.
+ Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
+ Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
+ Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
+ Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
**To thrive in this role, you need to have:**
+ Advanced understanding of End Point Protection Software.
+ Advanced understanding of Enterprise Detection and Response software.
+ Advanced knowledge of technological advances within the information security arena.
+ Advanced understanding of inter-relationships in an overall system or process.
+ Advanced knowledge of information security management and policies.
+ Advanced understanding risk management principles and frameworks is crucial for prioritizing and addressing security incidents
+ Advanced understanding of the organization's business operations, goals, and objectives enables the analyst to align incident response efforts with the broader business strategy.
+ Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response.
+ Ability to think critically, analyze information, and solve medium to complex problems.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related preferred.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
**Required experience:**
+ Advanced experience in a Technology Information Security Industry.
+ Advanced experience or knowledge of SIEM and IPS technologies.
+ Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
**Third parties fraudulently posing as NTT DATA recruiters**
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters-whether in writing or by phone-in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an **@nttdata.com** email address. If you suspect any fraudulent activity, please contact us ( ) .

Join to apply for the Network Security Analyst role at Optimal Growth Technologies

Join to apply for the Network Security Analyst role at Optimal Growth Technologies

Get AI-powered advice on this job and more exclusive features.

Network Security Analyst (Remote South Africa)

Level: Intermediate

About The Role

Were looking for a highly skilled Network Security Analyst to join our forward-thinking, security-driven team. In this role, you'll be the guardian of our digital infrastructure ensuring that firewalls, network rules, and security configurations are robust, compliant, and ready to face emerging threats.

Key Responsibilities

• Manage and resolve firewall-related tickets efficiently.
• Add, modify, and optimize firewall rules in line with security best practices.
• Configure Palo Alto firewalls confidently and effectively.
• Implement secure changes without disrupting business operations.
• Monitor and analyze security systems to proactively prevent breaches.
  
  
  

Required Skills & Qualifications

• Palo Alto Certification (essential).
• Proven experience managing and configuring Palo Alto firewalls.
• Strong understanding of firewall rule creation and security change management.
• Familiarity with common security protocols and network monitoring tools.
• Excellent troubleshooting and analytical skills.
  
  
  

Nice to Have

• Experience working with Checkpoint firewalls.
• Exposure to other enterprise security solutions.
  
  
  

Why Join Us?

• 100% remote work operate from anywhere in South Africa.
• Competitive salary aligned with experience.
• Join a dynamic, security-focused team with cutting-edge tools and projects.
  

Seniority level

• Seniority level Not Applicable

Employment type

• Employment type Contract

Job function

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Optimal Growth Technologies by 2x

Get notified about new Network Security Analyst jobs in Johannesburg, Gauteng, South Africa .

Johannesburg, Gauteng, South Africa 1 day ago

Johannesburg, Gauteng, South Africa 2 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Network Security Analyst (Remote South Africa)

Level: Intermediate

About The Role

Were looking for a highly skilled Network Security Analyst to join our forward-thinking, security-driven team. In this role, you'll be the guardian of our digital infrastructure ensuring that firewalls, network rules, and security configurations are robust, compliant, and ready to face emerging threats.

Key Responsibilities

• Manage and resolve firewall-related tickets efficiently.
• Add, modify, and optimize firewall rules in line with security best practices.
• Configure Palo Alto firewalls confidently and effectively.
• Implement secure changes without disrupting business operations.
• Monitor and analyze security systems to proactively prevent breaches.
  
  
  

Required Skills & Qualifications

• Palo Alto Certification (essential).
• Proven experience managing and configuring Palo Alto firewalls.
• Strong understanding of firewall rule creation and security change management.
• Familiarity with common security protocols and network monitoring tools.
• Excellent troubleshooting and analytical skills.
  
  
  

Nice to Have

• Experience working with Checkpoint firewalls.
• Exposure to other enterprise security solutions.
  
  
  

Why Join Us?

• 100% remote work operate from anywhere in South Africa.
• Competitive salary aligned with experience.
• Join a dynamic, security-focused team with cutting-edge tools and projects.
  

#J-18808-Ljbffr

InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.

Key Responsibilities:

• Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
• Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
• Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
• Perform vulnerability assessments and penetration testing to identify security weaknesses.
• Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
• Work with IT and development teams to ensure secure configurations and practices across all systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2+ years of experience in cybersecurity, information security, or a related role.
• Strong understanding of security principles, concepts, and technologies.
• Experience with security monitoring tools, SIEM platforms, and incident response procedures.
• Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
• Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
• Strong analytical and problem-solving skills, with attention to detail.
• Excellent communication skills to effectively collaborate with cross-functional teams.
• CERT, CISSP, CISM, or equivalent security certifications are a plus.

#J-18808-Ljbffr

Cloud Security Analyst Key Responsibilities

• Implement, manage, and monitor cloud security controls (IAM, RBAC, MFA, encryption, auditing).
• Design and enforce Identity & Access Management (IAM) and Role-Based Access Controls (RBAC) across cloud infrastructure.
• Configure and maintain encryption standards (TLS, AES-256) for data in transit and at rest.
• Conduct regular audits, penetration tests, and monitoring to identify vulnerabilities.
• Ensure compliance with security frameworks and standards (ISO 27001, NIST, SOC2, GDPR, POPIA).
• Implement cloud monitoring tools for threat detection and incident response.
• Collaborate with DevOps/Cloud Engineers to embed security into CI/CD pipelines (shift-left security).
• Prepare and deliver security assessment reports for leadership and compliance teams.
• Stay updated on evolving cloud security risks, tools, and industry trends.

Core Requirements

• Minimum 5 years experience in Cloud Security, Information Security, or Cybersecurity.
• Strong knowledge of cloud security best practices (AWS, Azure, or GCP preferred).
• Expertise in IAM, RBAC, and MFA solutions.
• Hands-on experience with encryption protocols (TLS, AES-256).
• Solid understanding of audit processes and compliance frameworks .
• Proficiency with monitoring and security tools (SIEM, CloudTrail, Azure Sentinel, Splunk, etc.).
• Knowledge of container security and serverless environment security.
• Relevant certifications advantageous (CCSP, CISSP, CISM, Microsoft/Azure Security, AWS Security).

#J-18808-Ljbffr

Are you driven to protect critical systems and secure digital assets? Further your career as a Cyber Security Analyst, where youll play a key role in defending against evolving cyber threats.
Youll monitor, detect, and respond to security incidents using advanced tools, conduct vulnerability assessments, and implement measures to mitigate risks. Your expertise will enhance defences, refine protocols, and ensure compliance with industry standards.
Working closely with IT teams and leadership, youll develop strategies, educate staff, and foster a culture of security awareness. This role offers the chance to make a significant impact, safeguarding both businesses and its people.
If youre detail-oriented and thrive on tackling cybersecurity challenges, wed love to hear about it.

Are you driven to protect critical systems and secure digital assets? Further your career as a Cyber Security Analyst, where youll play a key role in defending against evolving cyber threats. Youll monitor, detect, and respond to security incidents using advanced tools, conduct vulnerability assessments, and implement measures to mitigate risks. Your expertise will enhance defences, refine protocols, and ensure compliance with industry standards. Working closely with IT teams and leadership, youll develop strategies, educate staff, and foster a culture of security awareness. This role offers the chance to make a significant impact, safeguarding both businesses and its people. If youre detail-oriented and thrive on tackling cybersecurity challenges, wed love to hear about it.

ENVIRONMENT

A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester /Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.

DUTIES Penetration Testing Duties

• Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
• Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
• Conduct network penetration tests
• Conduct application penetration tests (web and thick client)
• Conduct wireless and mobile security assessments
• Conduct social engineering assessments
• Conduct physical security assessments
• Effectively communicate successes and obstacles with fellow team members and line managers
• Interface with client contact(s) and staff in a constructive and professional manner
• Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
• Utilise common vulnerability assessment and penetration testing tools

Red Teaming Duties

• Working as part of a Red Team and assisting with the following duties (but not limited to):
• Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
• Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
• Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
• Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
• Escalate privileges and maintain persistence
• Exfiltrate and / or complete objectives

Research and Development Duties

• Research new vulnerabilities with a focus on high-profile products
• Understand the terminology and tactics employed by threat actors Research new attack methods

REQUIREMENTS

• Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
• Previous Red Team experience required

#J-18808-Ljbffr