362 Information Security Manager jobs in South Africa

Role Overview

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.
• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.
• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

Role Overview:

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

Key Responsibilities:

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.
  
  

Qualifications & Experience:

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.

• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.

• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

Overview

Description: Reporting to the Chief Information Security Officer (CISO) of the University and a dotted line to the Director of the Citizen Lab, based at the Munk School of Global Affairs & Public Policy, but operating with substantial autonomy under very general guidelines, the Information Security Program Manager provides strategic leadership and management for developing and implementing Information Security Programs which includes but is not limited to the security of the Citizen Lab primarily, as well as data centers, campus perimeter, and campus enterprise systems, as well as managing risk and privacy assessments, incident response and investigation, and outreach and awareness. The Manager provides strategic and tactical planning, evaluation, design, development, implementation, and overall management and support of the University’s Information Security Program, with the goal to protect and improve the University’s cybersecurity infrastructure, posture and culture to minimize risk of compromise to all Information Technology Services (ITS services to the campus, and in managing security controls required, in the support of teaching, learning and research, and services to University staff, faculty and students.

• Lead development and implementation of information security programs for the University and Citizen Lab, including risk management, privacy assessments, incident response, and awareness efforts.

• Provide strategic leadership and management for security across Citizen Lab, data centers, campus perimeter, and campus enterprise systems; ensure alignment with ITS services and University objectives.

• Develop protocols for security of communications during disruptions and establish new security standards and best practices for use of digital assets in the Lab and across the University.

• Guide major security infrastructure and solution projects from design to delivery, ensuring high-quality, innovative solutions aligned with service best practices and privacy requirements.

• Establish and manage relationships with executive leadership, project teams, support teams, clients, stakeholders, and IT departments across the University; act as internal security consultant for proposals and cross-department projects.

• Lead information security incident response for systems with compromised access control, monitor cyber threats, audit privileged access for Citizen Lab systems, and conduct investigations with relevant departments as required.

• Manage projects with a strong business focus, including human resources planning, budget and contract management, and procurement processes related to hardware, software, consulting, and services.

• Serve on University committees and advise on security and privacy considerations, global threat landscape, and cybercrime.

Education: University degree in Computer Science, Engineering, or an equivalent combination of education and experience. A Graduate Degree and certifications and specialization in information security and management, such as CISSP, CISA, ISO Audit, PMP, CRISC or other relevant certifications, are an asset.

Experience:

• Eight (8) years experience in IT, with five (5) years in a team lead or senior/supervisory role in IT and/or organizational security operations.
• Five plus (5+) years focused on Information Security; experience planning, organizing, and developing IT security and facility security systems including endpoint protection, IAM, vulnerability management, network security, incident response, tabletop exercises, risk management and application security.
• Experience working with a broad range of stakeholders and IT SMEs.
• Experience in planning and executing security policies and standards development.
• Excellent knowledge of technology environments, including information security and defense solutions.
• Exposure to data processing, hardware platforms, enterprise software, and outsourced systems, including financial, HR and email.
• Understanding of computer systems characteristics, features, and integration capabilities.
• Experience with systems design and development from business requirements through day-to-day management.
• Strong understanding of IT Architecture concepts and security methodologies.
• Experience developing and adopting information security standards and guidelines.
• Expert level understanding of Information Security technologies and concepts.
• Excellent understanding of defense in depth strategies and implementation across endpoints, servers, appliances, cloud and network architecture.

Skills: Strong managerial and leadership skills. Strong communication skills, both verbal and written. Excellent project management and problem solving skills. Ability to analyze and interpret forensic information and evidence. Ability to master new technology quickly. Strong understanding of change and configuration management processes.

Other: Broad knowledge of industry innovations and state-of-the-art technology in computing and networking, in-depth knowledge of information security. Strong organizational and interpersonal skills. Familiarity with financial requirements of project management is an asset. Familiarity with database administration and operations. Exposure to e-commerce and other net-centric business models highly desirable.

Closing Date: 09/30/2025, 11:59PM ET
Employee Group: Salaried
Appointment Type: Budget - Continuing
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 5 -- Hiring Zone: $120,499 - $40,583 -- Broadband Salary Range: 120,499 - 200,831
Job Category: Information Technology (IT)

Diversity Statement

The University of Toronto embraces Diversity and is building a culture of belonging that increases our capacity to effectively address and serve the interests of our global community. We strongly encourage applications from Indigenous Peoples, Black and racialized persons, women, persons with disabilities, and people of diverse sexual and gender identities. We value applicants who have demonstrated a commitment to equity, diversity and inclusion and recognize that diverse perspectives, experiences, and expertise are essential to strengthening our academic mission.

As part of your application, you will be asked to complete a brief Diversity Survey. This survey is voluntary. Any information directly related to you is confidential and cannot be accessed by search committees or human resources staff. Results will be aggregated for institutional planning purposes. For more information, please see

Accessibility Statement

The University strives to be an equitable and inclusive community, and proactively seeks to increase diversity among its community members. Our values regarding equity and diversity are linked with our unwavering commitment to excellence in the pursuit of our academic mission.

The University is committed to the principles of the Accessibility for Ontarians with Disabilities Act (AODA). As such, we strive to make our recruitment, assessment and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities.

If you require any accommodations at any point during the application and hiring process, please contact

Overview

About our client: Our client is a global investment advisory firm focusing on long-term value creation through investment strategies. They work with a diverse group of institutional partners and pride themselves on their collaborative, sustainable, inclusive culture and performance.

What you will be doing:

• Develop and implement enterprise-wide information management and retention strategies, ensuring effective structuring, maintenance, and utilisation of information assets.
• Define and enforce data classification, lifecycle management, and records retention policies aligned with financial regulations (e.g., GDPR, DORA).
• Collaborate with Data Privacy on governance, retention policies, and Records of Processing Activities (ROPA), ensuring compliance across business units.
• Lead development of a data governance framework covering stewardship, accountability, and data quality.
• Liaise with IT, legal, and regulatory bodies to ensure alignment with compliance requirements.
• Oversee data audits, generate compliance reports, and implement security controls for sensitive data.
• Work closely with security teams on incident response and business continuity strategies for data protection.
• Ensure secure handling, storage, and disposal of information in accordance with policy.
• Align information management practices with evolving business needs, collaborating with IT on retention, access, and storage strategies.
• Manage vendor relationships to ensure third-party data management practices meet compliance standards.
• Develop and track KPIs related to information management, data security, and regulatory compliance.
• Provide strategic insights to senior management based on data trends and compliance analysis.
• Maintain accurate and current documentation of all data management policies and procedures.

What our client is looking for:

• A relevant degree in IT, Computer Science, or related field is preferred.
• Certifications (e.g., ITIL, PMP, CISM) are highly desirable.
• 5+ years experience in IT, data governance, or information security, ideally in financial services.
• Strong knowledge of financial systems, data regulations (GDPR, DORA, ISO 27001).
• Expertise in cybersecurity, risk management, and compliance frameworks.
• Experience with data retention, DLP, and compliance audits.
• Familiar with security governance standards and regulatory reporting.
• Proven collaboration, influencing, and negotiation skills.
• Detail-oriented, self-driven, and strategic with strong decision-making ability.
• Effective communicator across teams with analytical and problem-solving skills.
• Adaptable and resilient in high-pressure, regulated environments.

Job ID:

• J

For a more comprehensive list of opportunities that we have on offer, do visit our website - URL Removed

Desired Skills:

• Data Governance
• Information Security
• Risk Management

Location: ZA, GP, Johannesburg, Baker Street 30

Develop, lead and mature the implementation of a threat hunting programme within the Cyber Security Operations Centre (CSOC) in line with the InfoSec strategy and roadmap. Guide, support and direct threat hypothesis, information assimilation and the designing, scoping and executing of threat hunts, reviewing and guiding the remediation processes. This hands-on role requires deep technical knowledge of security monitoring, security operations, network and systems analysis, threat modelling and threat detection.Responsible for leading and managing a team of technical security Threat Hunters and Cyber Engineers, contributing to the mentoring, coaching and growth of the team.

• A degree Information Technology is required.

Experience:

• Collaborating with Threat Intelligence and Offensive analysts to identify priority cyber threats, designing strategies for complex cyber hunts and the execution thereof. Cyber Hunts should be designed and executed based on prioritized complex hypothesis-based threat hunting, including the design and documentation thereof.
• Experience in a CSOC environment, including monitoring, detecting, and responding to security incidents, familiarity with SIEM tools such as Microsoft Sentinel would be advantageous.
• Experience or exposure to penetration testing and red teaming, with a focus on identifying and exploiting system vulnerabilities, is advantageous.
• Experience with cloud platforms like Azure and AWS, including cloud security best practices and managing cloud resources, would be beneficial.
• Seeking an individual with a solid engineering background, with a particular focus on proficiency in the Linux operating system, including system management, security, and troubleshooting.
• Experience or exposure to incident response, including identifying, analyzing, and mitigating security incidents, would be beneficial.
• Exposure to automation or scripting with languages like Bash, Python, or PowerShell, to streamline security tasks or integrate tools, is a plus.

• Offensive Skills (Pen Testing, Red Teaming)
• Integration / Automation / Scripting (Bash, Python, PowerShell)

Location: ZA, GP, Johannesburg, Baker Street 30

Develop, lead and mature the implementation of a threat hunting programme within the Cyber Security Operations Centre (CSOC) in line with the InfoSec strategy and roadmap. Guide, support and direct threat hypothesis, information assimilation and the designing, scoping and executing of threat hunts, reviewing and guiding the remediation processes. This hands-on role requires deep technical knowledge of security monitoring, security operations, network and systems analysis, threat modelling and threat detection. Responsible for leading and managing a team of technical security Threat Hunters and Cyber Engineers, contributing to the mentoring, coaching and growth of the team.

• A degree in Information Technology is required.

• Collaborating with Threat Intelligence and Offensive analysts to identify priority cyber threats, designing strategies for complex cyber hunts and the execution thereof. Cyber Hunts should be designed and executed based on prioritized complex hypothesis-based threat hunting, including the design and documentation thereof.
• Experience in a CSOC environment, including monitoring, detecting, and responding to security incidents; familiarity with SIEM tools such as Microsoft Sentinel is advantageous.
• Experience or exposure to penetration testing and red teaming, with a focus on identifying and exploiting system vulnerabilities, is advantageous.
• Experience with cloud platforms like Azure and AWS, including cloud security best practices and managing cloud resources, would be beneficial.
• Seeking an individual with a solid engineering background, with a particular focus on proficiency in the Linux operating system, including system management, security, and troubleshooting.
• Experience or exposure to incident response, including identifying, analyzing, and mitigating security incidents, would be beneficial.
• Exposure to automation or scripting with languages like Bash, Python, or PowerShell, to streamline security tasks or integrate tools, is a plus.

• Offensive Skills (Pen Testing, Red Teaming)
• Integration / Automation / Scripting (Bash, Python, PowerShell)

Location: ZA, GP, Johannesburg, Baker Street 30

To provide expert professional knowledge and technical skills within a specialist area. To support the bank's Information Security initiatives, the associated decision making, planning and implementation to monitor and protect sensitive data and systems from infiltration or misuse.

• A degree in Information Technology is required.

• 3-4 years experience in people management and leadership is required.
• 3-4 years proven experience in risk management or information security, databases, operating systems, and network security controls.
• 3-4 years proven experience in software and integration development is required.