218 IT Security jobs in Johannesburg

Key Responsibilities Projects & Implementation (35%) Lead network infrastructure projects, coordinate timelines, and evaluate new technologies Reporting & Documentation (10%) Generate network performance reports, maintain technical documentation, and create standard operating procedures Critical Issue Management (15%) Respond to priority incidents, manage escalations, conduct root cause analysis, and participate in incident response Stakeholder Management (10%) Maintain vendor relationships, collaborate with business units, and negotiate technical specification Technical Support & Knowledge

Hiring Now: Senior IT Network Security Engineer!

Are you a highly motivated security specialist with hands-on Fortinet experience looking for your next big challenge?

Our client is building a dynamic, energetic team and needs YOU to help secure cutting-edge networks!

What You'll Do:

1. Configure & manage top security tech (Fortinet-focused) - Project Management experience is a must!
2. Respond to security alerts & analyze reports
3. Keep systems updated & patched

What You Bring:

1. 3-5+ years in network security engineering
2. 2+ years hands-on experience with Fortinet products (mandatory)
3. Relevant IT security qualifications (Fortinet certs preferred)
4. Strong communication, problem-solving & attention to detail

Salary: Negotiable based on experience

Only applicants with the required experience will be considered. Ready to level up your career?

#J-18808-Ljbffr

Hiring Now: Senior IT Network Security Engineer! Are you a highly motivated security specialist with hands-on Fortinet experience looking for your next big challenge? Our client is building a dynamic, energetic team and needs YOU to help secure cutting-edge networks! What You'll Do: Configure & manage top security tech (Fortinet-focused) - Project Management experience is a must! Respond to security alerts & analyze reports Keep systems updated & patched What You Bring: 3-5+ years in network security engineering 2+ years hands-on experience with Fortinet products (mandatory) Relevant IT security qualifications (Fortinet certs preferred) Strong communication, problem-solving & attention to detail Salary: Negotiable based on experience Only applicants with the required experience will be considered. Ready to level up your career? #J-18808-Ljbffr

To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks. Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures. To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.

Job Responsibilities

• We are looking for a suitable resource with general network security or web security experience to alleviate work pressures on our current team members
• Experience with Email and Web Proxies
• DNS Security knowledge
• Experience with Microsoft O365
• Assist with support of current email and web security tasks
• Liaise with other teams to promote good security practices and explain security procedures
• Experience with Security Technologies
• Building relationships with I&O Teams
• Oversee the implementation of the information security changes and check for the short comings and risks.
• Interpret MIS and system logs/ reports with the view to analyse and correct any deviations against standards and best practices.
• Participate in the implementation of new products as provided in the selection criteria.
• Act as the 1st point of problem resolution for non routine incidents and 1st line support for problems.
• Ensure compliance to standards and practises by familiarizing and keeping abreast of information security policies, rules, standards and processes, procedures and practices as well as business rules.
• Document and maintain all relevant processes and procedures mindful of current policies and standards.
• Create and maintain information security standards.
• Oversee and monitor the information security environment according to set standards.
• Review and contribute to project documentation including business requirements, designs and implementation.
• Create design documentation according to relevant standards and practices
• Implement specific Information security technologies.
• Gain further exposure and experience on multiple technologies by job shadowing Information Security analysts III and Technical Specialist.
• Log submit and implement low, medium and high risk changes independently.
• Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
• Oversee and ensure change was successful in certain cases and when required perform unit testing.
• Oversee and ensure back-ups are done, documents are stored and statuses updated.
• Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
• Monitor and action Service Manager low, medium and high impact incidents and e-mails related to Information Security.
• Ensure job related tasks and processes are in place.
• Ensure that the logging and submitting of all relevant incidents have taken place and resolve low, medium and high incidents.
• Conduct risk and root cause analyses around exceptions, queries, incidents as per operational procedures with the relevant internal and external stakeholders and provide feedback, confirm stakeholder satisfaction.
• Keep abreast of legislation and other industry changes that impacts on role by reading the relevant newsletters, websites and attending sessions.
• Improve personal capability and to stay abreast of developments in field of expertise by identify training courses and career progression opportunities for self through input and feedback from managers.
• Ensure information is provided correctly to stakeholders by maintaining knowledge sharing knowledge with team.
• Transfer of knowledge to team members.
• Identify and recommend opportunities to enhance processes, systems and policies and support implementation of new processes, policies and systems.

Technical Knowledge

• Strong knowledge of Information Security Principles
• Ensuring security best practices are implemented , safeguarding network infrastructure against any potential threats
• Knowledge of Email Security
• Experience with Email Security Technologies
• Experience Service Now
• Experience Microsoft O365

Essential Qualifications - NQF Level

• Matric / Grade 12 / National Senior Certificate
• Advanced Diplomas/National 1st Degrees

Preferred Certifications

• CCNA - Security
• Security +
• Network +
• MS Azure Certifications – MS 365

Minimum Experience Level

Minimum of 3 years’ experience in an IT operations team dealing with the network Security tasks

Technical / Professional Knowledge

• Administrative procedures and systems
• Data analysis
• Governance, Risk and Controls
• Principles of project management
• Relevant regulatory knowledge
• Relevant software and systems knowledge
• Cluster Specific Operational Knowledge
• System Development Life cycle(SDLC)
• TCP/IP
• Information Security terms and definitions
• Information Security policies and procedures
• Communication
• Customer Focus
• Initiating Action
• Managing Work
• Technical/Professional Knowledge and Skills

---

Please contact the Nedbank Recruiting Team at

If you can't find the job you're looking for, activate job alerts to be one of the first to know when new positions open up.

Nedbank Ltd Reg No 1951/ /06.
Authorised financial services and registered credit provider (NCRCP16).

For assistance please contact the Nedbank Recruiting Team at

#J-18808-Ljbffr

InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.

Key Responsibilities:

• Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
• Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
• Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
• Perform vulnerability assessments and penetration testing to identify security weaknesses.
• Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
• Work with IT and development teams to ensure secure configurations and practices across all systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2+ years of experience in cybersecurity, information security, or a related role.
• Strong understanding of security principles, concepts, and technologies.
• Experience with security monitoring tools, SIEM platforms, and incident response procedures.
• Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
• Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
• Strong analytical and problem-solving skills, with attention to detail.
• Excellent communication skills to effectively collaborate with cross-functional teams.
• CERT, CISSP, CISM, or equivalent security certifications are a plus.

#J-18808-Ljbffr

Industry: Scientific, Research & Development Job category: Network Administration and Security Location: Randburg Contract: Permanent Remuneration: Market Related EE position: Yes Introduction Mintek has an exciting career opportunity for an ICT Security Analyst. The successful candidate will ensure the security and integrity of MINTEK’s ICT infrastructure by implementing and managing key security systems, monitoring network traffic, responding to incidents, conducting risk assessment and ensuring compliance with regulations like POPIA. The ideal candidate will have strong cybersecurity skills and experience with various security tools. System Administration and Security Management Firewall Administration (IPS/IDS): Manage and monitor firewall configurations, ensuring optimal performance and security. Implement intrusion detection and prevention systems to protect against potential threats; Endpoint EDR Administration and Monitoring: Manage and monitor EDR systems by configuring policies, conducting threat hunts, analysing alerts, and ensuring updates. Implement behavioural detection and prevention to identify and mitigate threats, ensuring endpoint security and performance; VPN Management: Administer and secure virtual private network, ensuring secure remote access for users while monitoring for unauthorised access or breaches; Mimecast Administration: Oversee the e-mail security platform, ensuring robust protection against phishing, malware, and other e-mail-based threats; Know Be4 Security Awareness Training: Manage the security awareness platform, coordinating regular phishing simulations and training sessions to improve staff vigilance against social engineering attacks; SIEM Incident Remediation: Monitor security information and event management (SIEM) systems incidents, analyse security alerts, and respond to incidents promptly to mitigate risks; Active Directory (AD) Security: Ensure the security and integrity of the Active Directory environment by managing access controls, permissions, and group policies; Cloud Security: Implement and manage security measures for cloud-based services, ensuring data protection and compliance with MINTEK’s security policies. Specialized Security Administration Digital Signature Administration: Manage the digital signature platform, ensuring secure and compliant electronic document signing processes; Data Governance: Develop and enforce data governance policies, ensuring the organization’s data is managed securely, consistently, and in compliance with regulations; Vulnerability Management: Conduct regular vulnerability assessments, applying patches and updates as necessary, and ensuring systems are protected against known vulnerabilities. Compliance and Governance POPIA Compliance: Ensure all ICT operations and data management practices comply with the Protection of Personal Information Act (POPIA) requirements, implementing necessary controls and processes. Collaboration and Support Cross-ICT Sections Collaboration: Work closely with other sections in ICT to ensure security measures are integrated into all aspects of the organization’s operations; User Support: Provide technical support and guidance to users regarding security practices and incident response procedures; Monthly Reporting: Prepare regular reports on security status, incidents, and compliance for senior management and regulatory bodies. EDUCATION: Minimum: Bachelor’s degree in information technology, Computer Science, Information Systems, Cybersecurity, or a related field. Ideal: Comp TIA's Security, CISSP or equivalent EXPERIENCE: Minimum of 3-5 years of experience in IT security, with specific experience in the administration of firewalls, VPNs, and SIEM systems; Hands-on experience with firewalls, EDRs, email security, security awareness training, vulnerability management and AD security. Experience in cloud security and vulnerability management is essential. #J-18808-Ljbffr

ENVIRONMENT

A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester /Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.

DUTIES Penetration Testing Duties

• Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
• Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
• Conduct network penetration tests
• Conduct application penetration tests (web and thick client)
• Conduct wireless and mobile security assessments
• Conduct social engineering assessments
• Conduct physical security assessments
• Effectively communicate successes and obstacles with fellow team members and line managers
• Interface with client contact(s) and staff in a constructive and professional manner
• Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
• Utilise common vulnerability assessment and penetration testing tools

Red Teaming Duties

• Working as part of a Red Team and assisting with the following duties (but not limited to):
• Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
• Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
• Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
• Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
• Escalate privileges and maintain persistence
• Exfiltrate and / or complete objectives

Research and Development Duties

• Research new vulnerabilities with a focus on high-profile products
• Understand the terminology and tactics employed by threat actors Research new attack methods

REQUIREMENTS

• Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
• Previous Red Team experience required

#J-18808-Ljbffr

Network and Security Engineer JOHANNESBURG NORTH

JHB North, Johannesburg – Gauteng

Network and Security Engineer

Paterson Grade : D-Upper

12 Month Contract Position

Key performance areas :

Overall cybersecurity compliance, management, and training throughout the organization.

Ensures that data integrity, and that information is kept accurate and consistent unless authorized access.

Managing and monitoring all installed systems and infrastructure.

Organization-wide cybersecurity and related document, process, and record management to ensure that systems and products are safe / secure and effective.

Installing, configuring, testing, and maintaining operating systems, application software and system management tools.

Ensuring the highest levels of systems and infrastructure availability.

Proposes design enhancements, capacity changes, contingency and recovery.

Arrangements as required to ensure that service targets are met within the organisation’s planned budget.

Ensures the investigation and diagnosis of operational incidents.

Resolve such incidents, including any capacity and availability management issues to maintain overall performance.

Acts as the technical lead on projects relating to security, data, and voice network management.

Provides advice and guidance on the design and development of new and changed systems to optimize operational efficiency.

Ensures that appropriate software and specialist monitoring tools are used to maintain awareness and control of hardware and software.

Monitors exceptional incidents and conducts or initiates investigations on system performance.

Proposes and implements consequent improvements working towards industry top benchmark targets.

Coach and monitor junior engineers, setting standards of performance and objectives (both collective and individual) in line with service objectives, provides direction and support to all team members ensuring that the highest professional standards are observed.

Monitor and test application and network performance for potential bottlenecks, identify possible solutions, and work with developers to implement those fixes.

Competencies, Knowledge, and Skills :

Knowledge of NIST and other security related frameworks.

Documentation (both process documentation and records management).

Broad knowledge of hardware, networking cyber security, vulnerability management and cloud migration.

In-depth understanding of infrastructure and network architecture and design.

Working knowledge on end points security solutions (firewalls, anti-virus, and network vulnerability assessments

Access control systems

Incidents detection and management.

Excellent analytical and problem-solving skills.

Strong Troubleshooting / problem-solving ability.

Understanding of virtual environments and containers.

Extensive understanding of Networks switching and routing as well as Voice technologies SIP and SBS’s.

Extensive understanding of firewalls, IPS, ACLS, DLP and vulnerability assessment.

Understanding of Enterprise Linus and Windows servers and services.

Experience with monitoring systems.

Experience with automation software.

Minimum Requirements :

Relevant Degree / National Diploma in Information Technology / Computer Science / Information Systems or equivalent

3-4 year’s experience in ICT security : (ie : 4 Years senior systems engineer experience / 3 years as a team lead / 2 Years’ senior security engineer experience / 2 Years’ senior data engineer experience / 2 Years’ senior voice engineer experience)

Certificate or equivalent in Information / IT Security such as CISSP, SISM, CCSP. ITIL would serve as an added advantage.

Closing Date : 6 March 2024

Should you not hear from us within 14 days of the closing date, please consider your application unsuccessful.

Create a job alert for this search

Network Engineer • JHB North, Johannesburg - Gauteng

#J-18808-Ljbffr

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.

#J-18808-Ljbffr