What Jobs are available for Information Security in South Africa?

We are looking for a seasoned Chief Information Security Officer (CISO) to lead enterprise-wide cyber security efforts. In this strategic leadership role, you will be responsible for driving the Group’s information security strategy, ensuring the protection of AVBOB’s digital assets, systems, and data. You will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening our reputation as a trusted service provider.

You will be working for a company that is over 100 years old with strong values. In return for your services, you will be paid a competitive remuneration package. You will be working for an organisation that values employee development and rewards excellent performance.

Responsibilities include:

• 
  

  Develop and execute AVBOB’s information security strategy aligned with business goals and digital innovation.

  
  


• 
  

  Serve as a trusted advisor to executives, balancing innovation and cyber risk.

  
  


• 
  

  Drive secure adoption of technologies including cloud, AI, and data analytics.

  
  

• 
  

  Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).

  
  


• 
  

  Lead security assessments, technology deployments, and compliance audits.

  
  


• 
  

  Collaborate with ICT, PMO, and Group Risk to manage enterprise-wide security initiatives.

  
  

• 
  

  Ensure compliance with POPIA, GDPR, ISO 27001, and industry standards (NIST, PCI-DSS, CIS).

  
  


• 
  

  Minimise legal, reputational, and financial risk through proactive governance.

  
  

• 
  

  Develop and enforce AVBOB’s Cyber Incident Response Plan (CIRP).

  
  


• 
  

  Oversee disaster recovery and continuity planning.

  
  


• 
  

  Lead security audits, assessments, and real-time threat investigations.

  
  

• 
  

  Implement training programs to build cybersecurity awareness across all departments.

  
  


• 
  

  Foster a culture of shared responsibility and high performance within the security function.

  
  

• 
  

  Degree in Information Technology, Business Administration, or related field.

  
  


• 
  

  7+ years of experience in cybersecurity, risk management, and IT leadership.

  
  

• 
  

  5–7 years in a senior information security management role.

  
  


• 
  

  Professional Certifications: CISSP, CISM, CISA, CCSP, or equivalent.

  
  

• 
  

  Deep understanding of security frameworks: ISO 27001, PCI-DSS, NIST, SSAE 18.

  
  


• 
  

  Experience in financial services or insurance industries.

  
  


• 
  

  Strong background in security tools and technologies (IAM, IDS/IPS, DLP, etc.).

  
  


• 
  

  Ability to lead complex projects in a matrixed, multi-stakeholder environment.

  
  


• 
  

  Proven experience in vendor and contract security negotiations.

  
  


• 
  

  Strong leadership, communication, and analytical skills.

  
  

• 
  

  Strategic and innovative thinking

  
  


• 
  

  Leadership and influence

  
  


• 
  

  Risk and compliance acumen

  
  


• 
  

  Project and resource management

  
  


• 
  

  Exceptional stakeholder communication

  
  


• 
  

  Report writing and dashboard presentation

  
  


• 
  

  Coaching and mentoring for performance

  
  

Faculty

Support / Admin Department

Department

Cape Peninsula University of Technology -> Information and Communication Technology Services (ICTS) -> Networking

Campus/ Location

District Six Campus - Cape Town, WC ZA (Primary)

Job Type

Permanent

Occupational Function

Support / Admin

Number of Positions

1

Annual Salary Package (incl. Medical Aid rate based on principal member only)

To be confirmed

Advert Closing Date

28/9/2025

Job Purpose

The purpose of this position is to plan, implement, monitor, and maintain robust network security measures that protect the integrity, confidentiality, and availability of CPUT's information systems and infrastructure, while ensuring compliance with institutional policies and regulatory standards.

Job Knowledge, Skills and Experience

• A BTech in Information Technology or equivalent qualification.
• At least 3-5 years' experience in network security (firewalls, DNS layer security, MFA) Deployment, Configuration and Support / in CCNA / HCIA (International certified).

Key Performance Areas / Principal Accountabilities

• Network Security Architecture and Design
• Cybersecurity Monitoring and Incident Response
• Firewall and Perimeter Defense Management
• Vulnerability Management and Threat Mitigation
• Policy, Compliance, and Audit Support
• Security Awareness and Capacity Building
• Project Involvement and Strategic Input

Competencies

• Team leadership skills
• People Management skills
• Interpersonal skills
• Project Management skills
• Excellent problem-solving skills
• Analytical skills
• Organizational skills
• Communication skills
• Report writing skills
• Knowledge of emerging networking technologies and industry trends.

General Information

Closing date: 28 September 2025

For enquiries and assistance with your online application, please email: please contact Mr Odwa Siza, (Human Capital Department) email:

NB: PLEASE NOTE THAT THIS SYSTEM DOES NOT ALLOW APPLICANTS TO UPLOAD CVs. IT IS THUS IMPORTANT THAT APPLICANTS COMPLETE ALL SECTIONS COMPREHENSIVELY AS FAILURE TO DO SO MIGHT DISADVANTAGE YOU. PLEASE UPDATE YOUR APPLICATION ON THE SYSTEM WITH THE LATEST INFORMATION AS THIS WILL BE THE ONLY CRITERIA USED FOR EVALUATION OF YOUR APPLICATION BY OUR PANEL.

The Cape Peninsula University of Technology is committed to Employment Equity and aims to attract and retain talented individuals to achieve our equity objectives and therefore, people from the designated groups, including those with disabilities are encouraged to apply. Preference will be given to applicants whose appointment contributes towards the achievement of demographic representation. We reserve the right not to make an appointment.

We are seeking a versatile Security Specialist who can combine deep hands-on expertise in ethical hacking and security testing with a strong understanding of governance, risk, and compliance (GRC). This person will ensure our systems are continuously tested for vulnerabilities while also aligning our practices with regulatory and organizational security requirements.

Key Responsibilities:

• Conduct penetration testing, ethical hacking, and vulnerability assessments using industry-standard tools (e.g., BurpSuite, OWASP ZAP, Metasploit, etc.).
• Identify, document, and report security vulnerabilities, providing remediation guidance to development and operations teams.
• Develop and maintain GRC frameworks, policies, and procedures in line with industry standards (ISO 27001, NIST, GDPR, POPIA, etc.).
• Support risk assessments, audits, and compliance initiatives.
• Act as a bridge between technical security testing and compliance-driven governance activities.
• Provide security awareness and compliance training as needed.

Key Skills & Experience:

• Proven experience as a penetration tester, ethical hacker, or security engineer.
• Familiarity with GRC frameworks, regulatory compliance, and audit processes.
• Strong knowledge of application, cloud, and infrastructure security.
• Excellent communication and reporting skills to both technical and non-technical stakeholders.
• Relevant certifications desirable (e.g., OSCP, CEH, CISSP, CISM, ISO 27001 Lead Implementer/Auditor).

Minimum Requirements:

Management Level

Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives, needs, and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen, ask questions to check understanding, and clearly express ideas.
• Seek, reflect, act on, and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements.

Role summary:

As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues under the Cybersecurity Strategy pillar.

Qualifications / certifications required:

• Completed BCom /BSc degree in Information Systems/Information Technology/ or BSc Computer Science or Engineering, Honours/ Masters an advantage but not essential

• CompTIA Security + (Advantageous)

• ISO Advantageous)

Experience required:

Less than 2 years of work experience.

Responsibilities of role:

We are looking for a strategic, detail-oriented individual to join our team as a security consultant. Your responsibilities will include assessing and analysing security systems and measures, based on our go to market services:

• Capability Maturity Assessments - NIST, ISO 27001 , FFIEC , etc.

• Cyber Risk Management

• Cyber Value at Risk ( CyberVAR ) / Risk Quantification

• Third Party Risk Management

• Cloud Security

• IoT / ICS / OT

• Cybersecurity Strategy

• Awareness, Culture and Behaviour

• Cyber Attestation

• Ensure compliance with other regulatory requirements

• Perform due diligence on systems and controls

• Perform pre- and post-implementation system reviews

• Assess the privacy and protection of personal information

Skill sets required :

• Excellent verbal and written communication skills

• Sound judgment

• Innovative and adaptable

• Resilient

• Copes well under tight deadlines and works well under stress

• Is a strategic and big picture thinker

• Is curious – learning, sharing and innovating

• Is willing to continually learn and develop skills across a multitude of core competencies

• Approache s problem solving in a logical and structured manner with due consideration given to alternative solutions which may require the acquisition of new knowledge

• Ability to handle complex problems and apply appropriate judgement in evaluating solution inputs

• You have an eye for details and an affection for quality

• You are motivated to work in a team and flexible to travel

• You are open minded, curious by nature, able to prioritize tasks, creative in finding solutions and communicating them to clients

Role related attributes:

• Must be able to demonstrate and apply industry knowledge

• Must be able to work overtime when necessary

• Display sound leadership skills

• Self-motivated and pay attention to detail

• Must have valid driver's license

Industry experience required :

We're very proud of our unique culture and expect our people to demonstrate skills and behaviours that will support us in implementing our business strategy. This is important to the work we do, both for our business and our clients. These skills and behaviours are a strong component of our global leadership framework: The PwC Professional.

Travel Requirements

Up to 20%

Available for Work Visa Sponsorship?

No

Job Posting End Date

September 16, 2025

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Your day at NTT DATA

The Principal Information Security Analyst is a highly skilled subject matter expert, responsible for designing and implementing security systems to protect the organization's computer networks from cyber-attacks, and to help set and maintain security standards.

This role is required to monitor the organization's computer networks for security issues, install security software, and document any security issues or breaches found.

The Principal Information Security Analyst is responsible for assisting in the planning, implementation, and management of information security measures to safeguard the organization's digital assets and systems and contributes to maintaining a secure and compliant environment and executes on leadership initiatives.

Key responsibilities:

• Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary.
• Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls.
• Performs regular vulnerability assessments, analyses scan results, and assists in prioritizing and remediating identified vulnerabilities.
• Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts.
• Assists in ensuring compliance with industry standards (for example, GDPR, ISO by conducting assessments and implementing necessary controls.
• Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Documents security breaches and assess the damage they cause.
• Works with the security team to perform tests and uncover network vulnerabilities.
• Fixes detected vulnerabilities to maintain a high-security standard.
• Develops organizational best practices for IT security and performs penetration testing.
• Upgrades systems to unable security software and installs and upgrades antivirus software.
• Tests and evaluates new technology and assists with the installation of security software and understands information security management.
• Researches security enhancements and makes recommendations to management.
• Stays abreast of information technology trends and security standards.
• Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices.
• Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes.
• Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems.
• Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization.
• Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects.
• Performs any other related task as required.

To thrive in this role, you need to have:

• Excellent communication skills to effectively convey technical information to non-technical stakeholders.
• Excellent analytical thinking and problem-solving skills to prevent hacking on a network.
• Ability to identify and evaluate potential risks and to develop solutions.
• Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
• Extended proficiency in understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Extended proficiency in understanding of patch management with the ability to deploy patches in a timely manner whilst understanding business impact.
• Excellent proficiency with MAC and OS.
• Extended familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR).
• Extended proficiency of understanding in network and system architecture, protocols, and security controls.
• Strong analytical skills to analyse security incidents and assess potential risks.
• Ability to work both independently and collaboratively in a fast-paced environment.

Academic qualifications and certifications:

• Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related.
• Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous.

Required experience:

• Extended demonstrated experience in information security or cybersecurity, or related roles.
• Extended demonstrated experience working in a global IT organization.
• Extended demonstrated experience with computer network penetration testing and techniques.
• Extended demonstrated experience with security assessment and vulnerability scanning tools.

Workplace type:

Hybrid Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Third parties fraudulently posing as NTT DATA recruiters

NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an email address. If you suspect any fraudulent activity, please contact us .