670 Information Security jobs in South Africa

Role Overview

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.
• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.
• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

SUMMARY :

Managed Talent Solutions is looking for a seasoned ChiefInformation Security Officer (CISO) for one of their client based in Centurion to lead enterprise-wide cyber security efforts. In this strategic leadership role, the successful candidate will be responsible for driving the Group’s information security strategy, ensuring the protection of the company’s digital assets, systems and data. The Chief Information Security Officer will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening the company's reputation as a trusted service provider.

POSITION INFO :

Qualifications / Requirements :

• Matric plus, Degree in Information Technology, Business Administration, or related field.
• 7+ years of experience in cybersecurity, risk management, and IT leadership .
• 7 years in a senior information security management role .
• Professional Certifications : CISSP, CISM, CISA, CCSP , or equivalent.
• Deep understanding of security frameworks : ISO 27001, PCI-DSS, NIST, SSAE 18.
• Strong background in security tools and technologies (IAM, IDS / IPS, DLP, etc.).
• Ability to lead complex projects in a matrixed, multi-stakeholder environment.
• Proven experience in vendor and contract security negotiations.
• Strong leadership, communication, and analytical skills.
• Strategic and innovative thinking
• Leadership and influence
• Risk and compliance acumen
• Project and resource management
• Exceptional stakeholder communication
• Report writing and dashboard presentation
• Coaching and mentoring for performance

Responsibilities include :

Overview

• Who we’re looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.

• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.

• Where you’ll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We are in the business of rewards and incentives, so we know the importance of giving back. We are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn — only by working as a team will we reach our goals.

We’re the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

• ISMS Ownership & Audit Readiness

  • Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

  • Coordinate and lead internal audits (quarterly for TZ) and external certification audits.

  • Write up audit findings and risk reports for SLT and the Board.

  • Monitor ISMS KPIs and compliance metrics.

• Risk Management

  • Own the company-wide risk register and associated documentation (excluding the risk framework itself).

  • Support teams in identifying, assessing, and documenting risks.

  • Track and ensure timely implementation of Risk Treatment Plans.

  • Monitor and report on key risk metrics.

• Incident & Corrective Action Management

  • Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

  • Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

  • Maintain and develop ISO 27001-compliant security policies (non-Engineering).

  • Coordinate business-wide security awareness training (e.g., KnowBe4).

  • Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

  • Complete InfoSec and risk sections of client due diligence questionnaires.

  • Support the development of a Trust Centre to streamline security responses.

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.

• A strong understanding of risk frameworks, internal controls, and compliance management.

• Experience with audit coordination and ISMS documentation.

• The ability to translate technical and regulatory language into business-friendly advice.

• Working knowledge of privacy, AML, and business continuity requirements.

• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).

• Exceptional communication, reporting and organisational skills.

We offer all our employees trust and empower our team to work with flexibility and autonomy. We’re a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum

• Retirement Fund (5%)

• Health insurance contribution

• Employee Incentive Scheme

• Hybrid Working

• Top spec equipment including laptop, mouse, keyboard, monitor

• Anniversary gifts

• Monthly breakfasts, drinks, snacks and events

• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world’s leading businesses. Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation. If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

Overview

Join us as a Cyber Risk Senior Consultant – Security Operations Center!

Want to help us create a secure cyber environment? Are you up for it? The Cyber Risk team wants to meet you! This new adventure combines innovation and a career path helping you to evolve and grow as a cyber security professional whilst growing and developing in Cyber.

At Deloitte, our Purpose is to make an impact that matters for our clients, our people, and society. This is the lens for which our global strategy is set. It unites Deloitte professionals across geographies, businesses, and skills. It makes us better at what we do and how we do it. It enables us to deliver on our promises to stakeholders, while creating the lasting impact we seek. Harnessing the talent of 450,000+ people located across more than 150 countries and territories, our size and scale puts us in a unique position to help change the world for the better—by bringing together the services we provide, the societal investments we make, and the collaborations we advance through our ecosystems.

At Deloitte, we want everyone to feel they can be themselves and to thrive at work—in every country, in everything we do, every day. We aim to create a workplace where everyone is treated fairly and with respect, including reasonable accommodation for persons with disabilities. We seek to create and leverage our diverse workforce to build an inclusive environment across the African continent.

Note: The list of tasks / duties and responsibilities contained in this document is not necessarily exhaustive. Deloitte may ask the employee to carry out additional duties or responsibilities, which may fall reasonably within the ambit of the role profile, depending on operational requirements.

Be careful of Recruitment Scams: Fraudsters or employment scammers often pose as legitimate recruiters, employers, recruitment consultants or job placement firms, advertising false job opportunities through email, text messages and WhatsApp messages. They aim to cheat jobseekers out of money or to steal personal information.

Job Requirements

• Tertiary qualification in a technical field (such as electronics, computer science, information technology or related fields)
• Minimal years’ experience as SOC analyst: 2-4 years experience
• Advanced knowledge on Cybersecurity.
• Advanced knowledge on attack techniques and cyber threats.
• Advanced knowledge on Operative Systems and Network.
• Knowledge of operations in security tools and perimeter elements.
• Experience in working with ticketing systems.
• Experience in reporting and threat analysis.
• Experience in working with SIEM solutions, i.e.:
• Splunk
• QRadar
• Microsoft Sentinel
• ArcSight
• DEVO
• Experience in identifying and supporting on defining cyber security logic (i.e., use cases) to enhance detection capabilities.
• Experience in conducting advanced incident investigations and security alerts.

Minimum Qualifications

• Extended exposure to Cyber concepts (more than 1 year), using the common technologies (i.e., SIEM, EDR, etc.) to perform investigations of triggered security incidents, reporting those based on findings and provide the required recommendations to mitigate them.

Additional Information: Join us. Shape the future. Win big.

Additional notes: The list of tasks / duties and responsibilities contained in this document is not necessarily exhaustive. Deloitte may ask the employee to carry out additional duties or responsibilities, which may fall reasonably within the ambit of the role profile, depending on operational requirements.

Overview

We are seeking a dynamic and experienced Information Security Manager to lead our efforts in safeguarding sensitive information and maintaining robust security frameworks. The successful candidate will play a key role in managing information security risks, implementing policies, and ensuring compliance with industry standards to protect our organization against potential threats.

• Develop and maintain an information security strategy aligned with organizational goals and compliance requirements.
• Conduct risk assessments to identify vulnerabilities and recommend appropriate security measures.
• Oversee the implementation and management of security technologies and protocols.
• Ensure compliance with relevant regulations, frameworks, and standards (e.g., ISO 27001, GDPR, etc.).
• Lead the response to security incidents, ensuring timely resolution and mitigation of risks.
• Train and educate staff on information security awareness and best practices.
• Collaborate with IT teams and other departments to ensure security is integrated into all business processes.
• Report on security performance, incidents, and risks to senior management.

• Bachelor's degree in information technology, Cybersecurity, or a related field (master’s degree preferred).
• Professional certifications such as CISSP, CISM, or equivalent is highly desirable.
• Minimum of 8 years of experience in information security management or related roles.
• Strong understanding of security frameworks, risk management principles, and regulatory compliance.
• Proficiency in security tools, technologies, and practices.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong interpersonal and communication skills, with the ability to explain technical concepts to non-technical stakeholders.

Requirements

• At least 2 years in Technology Risk, Security Compliance, GRC, CISO, or a similar position.
• Extensive experience managing compliance projects and audits (e.g., SOC 2, ISO 27001).
• Background in IT audit, including ITGC and SOX compliance for US-listed companies.
• Deep understanding of PCAOB standards.
• Familiarity with enterprise applications, including ERP, CRM, and GRC systems.
• Proficiency in managing multiple projects and meeting deadlines using tech tools.
• Excellent verbal and written communication abilities.
• Strong self-starter with a solution-focused and positive attitude.
• Leadership experience.
• Bachelors degree in Engineering, Information Systems, Computer Science, Law, Accounting, or Business.
• Information Security certifications such as CISSP, CISA, CISM, CCSK, or ISO 27001 Lead Implementer (an advantage).
• Certified Public Accountant (an advantage).

Electrum is the next-generation payments technology company that provides cloud-native software to optimize the processing of financial transactions. Since 2012, we have established ourselves as a respected payments technology partner through our deep expertise and track record in delivering trusted enterprise-grade payments solutions.

We’ve built a reputation in providing solutions for high-volume, low-value payment schemes and services that enable our clients to deliver to their customers at scale. We love that the projects we work on touch the lives of millions of South Africans daily, making a real difference.

We hire the best of the best and we offer great opportunities for personal growth and career progression.

We are seeking a highly-skilled Cyber Security Engineer to join our dynamic team in safeguarding our digital infrastructure. This is an exciting opportunity to play a pivotal role in the protection and resilience of our information systems. You will work alongside experienced professionals in a collaborative environment that values innovation, continuous improvement, and proactive risk management. In this role, you will contribute directly to the security posture of the organisation by identifying vulnerabilities, responding to incidents, and implementing best-in-class security practices.


As a Cyber Security Engineer, you will be responsible for protecting the organisation’s digital assets and networks from security threats and unauthorised access. You will monitor systems for potential breaches, respond to incidents, and develop security measures to mitigate future risks.

Vulnerability Management

• Conduct regular vulnerability assessments and risk analyses.
• Evaluate new security tools and services for adoption.
• Manage internal processes for vulnerability disclosures and resolution.
  
  

Incident Response

• Monitor and analyse security logs, alerts, and tools to detect threats.
• Investigate and document incidents, determining cause and impact.
• Follow established incident response protocols and support 24/7 operations through on-call rotations.
  
  

Security Awareness and Risk Management

• Collaborate with teams to implement security best practices.
• Maintain and update policies in line with ISO 27001 and other standards
• Conduct security risk assessments and implement mitigation measures
• Design and deliver employee security awareness training programs.
  
  

Collaboration and Governance

• Foster strong working relationships across internal teams.
• Contribute to the development and maintenance of security documentation, processes, and knowledge bases.
• Promote a culture of compliance, accountability, and continuous improvement.
  

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Minimum of 3 years' professional experience in Cyber Security or a related discipline.
  
  

• Strong technical background in computer systems and network security.
  
• Experience with:
• Vulnerability assessment and management tools
• Extended Detection and Response (XDR) platforms
• Network security technologies (e.g., firewalls, IDS/IPS, segmentation)
• Security frameworks (ISO 27001, SOC2, NIST, CIS Controls)
• Cloud infrastructure security (e.g., VPCs, security groups, NACLs)
  

A good work-life balance is very important at Electrum. To help you manage your own time and energy, Electrum offers benefits such as:

• Flexibility around core working hours (nature of flexibility is negotiated per role based on business needs
• Daily cooked lunches and a stocked kitchen for the mid-day nibbles
• Team socialising, getaways, and social outings

We have created a safe, transparent environment where we know mistakes happen, and that’s okay. We even have a 3 step approach to dealing with them:

1. Tell everyone about it
2. Fix the mistake
3. Tell everyone about it

You are responsible for your actions – both the successes and the failures.

Overview

Location: Centurion Eco Park, Gauteng • Job Type: Permanent

Role Purpose: Design, implement and manage secure firewall solutions using Fortigate and Cisco ASA/Firepower technologies. Responsible for maintaining network security and proactively identifying threats and vulnerabilities.

• Configure, monitor, and maintain Fortigate and Cisco firewall appliances.
• Design and implement firewall policies, NAT, VPNs (IPSec/SSL).
• Perform security audits, penetration testing, and vulnerability assessments.
• Respond to security incidents and provide Level 2/3 support.
• Collaborate with IT teams to ensure secure system design and compliance.
• Generate reports for compliance and analysis.

• 3-5 years’ experience in firewall administration.
• Hands-on expertise with Fortigate, Cisco ASA, and Cisco Firepower.
• Strong understanding of network protocols (TCP/IP, BGP, OSPF, VLANs).
• Familiarity with IDS/IPS, SIEM, and endpoint security solutions.
• Certifications: Fortinet NSE4/5, CCNP Security, or similar desirable.

• Lead network security advisory efforts, including LAN/WAN segmentation, firewall posture reviews, and NAC deployments.
• Provide assurance on secure network configurations and collaborate on optimization of core protocols (TCP/IP, DNS, DHCP).
• Guide secure systems design across Windows, Linux, and hybrid cloud environments, ensuring alignment with security standards.
• Advise on infrastructure changes, identity platforms, and PKI environments to reduce risk and improve resilience.
• Support vulnerability remediation, configuration reviews, and automation strategies for compliance and hardening.
• Engage with stakeholders to align infrastructure initiatives with cybersecurity strategy and mentor teams on secure practices.
  
  

• 8+ years in enterprise cybersecurity, with a strong emphasis on network engineering and infrastructure security.
• Proven expertise in network architecture, including secure design of LAN/WAN, wireless (802.1X, WPA3), and segmentation strategies.
• Hands-on experience with firewall platforms (Fortinet, Cisco, Palo Alto) and Network Access Control (NAC) solutions (FortiNAC, Cisco ISE, Aruba ClearPass).
• Deep understanding of network protocols and services: TCP/IP, DNS, DHCP, VLANs, routing, switching, VPN, and remote access.
• Strong advisory capability across Microsoft environments (Windows Server, Active Directory, Exchange, PKI) and Linux systems (RHEL/Ubuntu).
• Familiarity with cloud platforms (Azure, AWS, GCP), especially hybrid identity and infrastructure deployments.
• Experience with automation and compliance tooling (PowerShell, Ansible, Terraform) for system hardening and monitoring.
• Solid grasp of Data Loss Prevention (DLP) principles and implementation strategies.
  
  

• Advanced knowledge of network security architecture, including segmentation, NAC, and firewall policy design.
• Strong command of network protocols and diagnostics: TCP/IP, DNS, DHCP, VLANs, routing, and switching.
• Proficient in security automation and scripting (PowerShell, Ansible, Terraform) for configuration and compliance.
• Skilled in secure systems design across Windows, Linux, and hybrid cloud environments.
• Experienced in threat modeling, vulnerability assessment, and technical risk analysis.
• Effective communicator with the ability to translate technical risk into business impact.
• Adept at collaborating across IT and security teams, with a proactive and detail-oriented mindset.
  
  

• Action Oriented - readily takes on new challenges and opportunities with a sense of urgency and eagerness
• Communicates Effectively - conveys information and communicates ideas in a clear, concise and impactful manner
• Courage - confronts and tackles challenging situations with courage
• Decision Quality - consistently makes timely, well-rounded and informed decisions
• Ensures Accountability - takes accountability and ensures others are held to account on agreed upon performance targets
• Manages Complexity - interprets and simplifies complex and contradictory information when resolving organisational problems
• Plans and Aligns - develops plans and prioritises initiatives that align to the organisational goals and objectives
• Tech Savvy - leverages new technology to enhance productivity, improve problem solving, and support business growth