Network Security Analyst

Johannesburg, Gauteng Optimal Growth Technologies

Posted 2 days ago

Job Description

Network Security Analyst (Remote South Africa)

Level: Intermediate

About The Role

We're looking for a highly skilled Network Security Analyst to join our forward-thinking, security-driven team. In this role, you'll be the guardian of our digital infrastructure, ensuring that firewalls, network rules, and security configurations are robust, compliant, and ready to face emerging threats.

Key Responsibilities

  • Manage and resolve firewall-related tickets efficiently.
  • Add, modify, and optimize firewall rules in line with security best practices.
  • Configure Palo Alto firewalls confidently and effectively.
  • Implement secure changes without disrupting business operations.
  • Monitor and analyze security systems to proactively prevent breaches.


Required Skills & Qualifications

  • Palo Alto Certification (essential).
  • Proven experience managing and configuring Palo Alto firewalls.
  • Strong understanding of firewall rule creation and security change management.
  • Familiarity with common security protocols and network monitoring tools.
  • Excellent troubleshooting and analytical skills.


Nice to Have

  • Experience working with Checkpoint firewalls.
  • Exposure to other enterprise security solutions.


Why Join Us?

  • 100% remote work: operate from anywhere in South Africa.
  • Competitive salary aligned with experience.
  • Join a dynamic, security-focused team with cutting-edge tools and projects.

Seniority level: Not Applicable
Employment type: Contract
Job function: Information Technology
Industries: IT Services and IT Consulting


Network Security Engineer

Johannesburg, Gauteng Impronics Technologies

Posted 5 days ago

Job Description

Main responsibility.

  • Network Security Design & Implementation:

Design, implement, and maintain network security architectures, ensuring the protection of the bank's systems, data, and assets against unauthorized access, cyber threats, and attacks.

  • Firewall & Intrusion Detection:

Configure and manage firewalls, VPNs, and other security appliances (IDS/IPS) to detect and prevent potential security breaches.

  • Threat Monitoring & Incident Response:

Continuously monitor network traffic for suspicious activity, security breaches, and vulnerabilities. Lead incident response efforts to mitigate risks and minimize damage in case of a breach.

  • Security Audits & Risk Assessments:

Conduct regular security audits, vulnerability assessments, and penetration testing to identify weaknesses in the network and ensure compliance with internal and regulatory standards.

  • Security Tools & Automation:

Utilize security tools (SIEM, firewall management systems, vulnerability scanners, etc.) and automation techniques to enhance security posture and streamline incident response processes.

Job Requirements

Academic Knowledge

Bachelor's degree in Computer Science, Information Security, or related field. Relevant certifications (e.g., CISSP, CISM, CCNP Security) are preferred.

Work Experience

Minimum of 3-5 years of experience in network security or IT security, ideally in a banking or financial services environment.

Skills / Specialized Know How

  • Strong understanding of network protocols, including TCP/IP, DNS, DHCP, and HTTP.
  • Hands-on experience with firewalls (Palo Alto, Cisco ASA, Fortinet, etc.), VPN technologies, and IDS/IPS.
  • Experience with network security tools such as SIEM, vulnerability scanners (Nessus, Qualys), and penetration testing tools.
  • Familiarity with cloud security architectures and hybrid environments (AWS, Azure).
  • Knowledge of industry standards and best practices (NIST, ISO 27001, PCI DSS).

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Technology, Information and Media


Security Engineer Data Security

Johannesburg, Gauteng Standard Bank of South Africa Limited

Posted 4 days ago

Job Description

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, 30 Baker Street

  • Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams
  • Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.
  • Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI-DSS).
  • Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office 365)

  • Administer and optimize anti-phishing, anti-malware, and anti-spoofing policies.
  • Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.
  • Configure Safe Links, Safe Attachments, and ATP policies.
  • Support investigations of email-based threats and data leakage attempts.

Web Security (Forcepoint and DMARC)

  • Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.
  • Investigate web-based threat alerts and policy violations.
  • Assist in integration of web security controls with broader DLP and SIEM tools.
  • Provide guidance for policy tuning and user experience improvements.
  • Manage, maintain, and support DMARC to ensure email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks)

  • Configure and monitor policies on Cato Networks’ SSE platform for secure internet access and cloud app control.
  • Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.
  • Review access logs, user behaviour, and cloud application usage for anomalies.
  • Coordinate with network and identity teams to streamline SSE enforcement.
  • Triage alerts across DLP, email, web, and SSE tools; escalate or respond as needed.
  • Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.
  • Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.
  • Maintain documentation and support audit readiness.
Qualifications

Technical Skills

  • Strong hands-on experience with Microsoft Purview DLP (E5).
  • Proficient in Microsoft Defender for Office 365 (email hygiene, ATP, threat management).
  • Experience with Forcepoint Web Security policy design, deployment, and management.
  • Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred.
  • Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and PowerShell scripting.

Experience

  • 5+ years in IT Security roles, with at least 2–3 focused on data security.
  • Direct involvement in policy design, incident triage, and ongoing tuning of DLP/email/web security tools.
  • Exposure to regulated environments with compliance reporting (e.g., financial services).

Soft Skills

  • Detail-driven with strong analytical skills.
  • Clear communicator, especially when engaging end-users on policy violations or tuning.
  • Able to balance risk mitigation with operational practicality.
  • Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications

  • Bachelor's degree in Computer Science (advantageous)
  • Microsoft Certified: Information Protection Administrator Associate (SC-400)
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus

SECURITY OFFICER

Kempton Park, Gauteng Desco Electronic Recyclers

Posted 2 days ago

Job Description

Key Responsibilities

  1. Protect Property: Safeguard an employer’s property from theft, vandalism, and other criminal activities.
  2. Monitor Surveillance: Use the onsite CCTV cameras and alarm systems to monitor premises and detect suspicious activities.
  3. Emergency Response: Respond promptly to emergencies, including alarms, disturbances, or incidents requiring immediate attention.
  4. Access Control: Manage and control access to buildings by monitoring visitor and employee entry, ensuring only authorized individuals are allowed access, and searching employees.
  5. Report Writing: Document and report any incidents, observations, or irregularities encountered during shifts, maintaining accurate records for future reference.
  6. Customer Assistance: Provide assistance to customers, employees, and visitors, addressing their inquiries and ensuring a safe environment.

Skills and Qualifications

  • Communication Skills: Strong verbal and written communication skills to interact effectively with individuals at all levels.
  • Observational Skills: Keen attention to detail to identify potential security threats or safety hazards.
  • Problem-Solving Skills: Ability to remain calm and neutralize situations with tact and common sense.
  • Physical Fitness: Good physical condition to perform patrols and respond to emergencies as needed.
  • Certifications: PSIRA Certification required; SAPS Firearm competency for business purposes required.
  • Experience: Min 2 years, 5-10 years' experience preferred.

Must reside locally in the East Rand area

Send detailed and updated CV to for attention Gus.


Security Specialist

Johannesburg, Gauteng All jobs

Posted 2 days ago

Job Description

Why choose Logicalis? It’s not just IT solutions, It’s IT global know-how! Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.

Our customers span industries and geographical regions; and our focus is to engage in the dynamics of our customers’ vertical markets; including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and apply the skills of our 4,500 employees in modernising key digital pillars; data centre and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernisation.

We are the advocates for our customers for some of the world’s leading technology companies including Cisco, HPE, IBM, CA Technologies, NetApp, Microsoft, Oracle, VMware and ServiceNow.

Logicalis employees are innovative, smart, entrepreneurial and customer centric, with a shared ambition of making Logicalis the world's leading IT Solutions provider! We offer speedy decision-making, opportunities for personal development, and a supportive, inclusive environment that celebrates our diversity.

ROLE PURPOSE

The Security Operations Centre will provide defence against security breaches and actively isolate and mitigate security risks. The Security Specialist forms part of the Security Operations Centre (SOC) team.

ROLE AND DELIVERY RESPONSIBILITIES:
  • Possesses in-depth knowledge of network, endpoint, threat intelligence, forensics and malware reverse analysis, as well as the functioning of specific applications or underlying IT infrastructure.
  • Acts as an incident “hunter,” not waiting for escalated incidents.
  • Closely involved in developing, tuning, and implementing threat detection analytics.
  • Acts as the escalation for Tier 1 and 2 SOC Analysts.
  • Responds to and oversees the remediation of a declared security incident.
  • Completes the Root Cause Analysis Report for P1 to P4.
  • Provides guidance to Tier 1 and 2 SOC Analysts.
  • Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack.
  • Monitors shift-related metrics ensuring applicable reporting is gathered and disseminated to the SOC Manager.
  • Makes recommendations to the SOC Manager.
  • Oversees the analysis on running processes and configs on affected systems.
  • Undertakes in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted.
  • Oversees the containment and recovery.
  • Oversees the deep-dive incident analysis by correlating data from various sources.
  • Validates if a critical system or data set has been impacted.
  • Provides support for analytic methods for detecting threats.
  • Conducts advanced triage based on defined run books of alerts.
  • Undertakes threat intelligence research if need be.
  • Validates false positives, policy violations, intrusion attempts, security threats and potential compromises.
  • Undertakes security incident triage to provide necessary context prior to escalating to relevant Security Specialists to perform deeper analysis when necessary.
  • Further analyses alarms by method e.g. credentials compromised and by asset class.
  • Based on the correlation rules and alarms within the SIEM and run books, further analyses anomaly tactic using the MITRE ATT&CK framework.
  • Analyses event and process metadata in real-time or retrospectively, and identifies suspicious files/scripts seen for the first time.
  • Closes tickets in the SIEM platform; these are automatically created in ServiceNow.
  • Manages security incidents using the SIEM platform and defined operational procedures.
  • Performs a further investigation of potential incidents, and escalates or closes events as applicable.
  • Validates investigation results, ensuring relevant details are passed on to Tier 2 SOC Level 2 for further event analysis.
  • Closes out deeper analysis and review activities.
  • Assists senior SOC staff with operational responsibilities.

PERSON REQUIREMENTS:

EXPERIENCE:
  • Strong knowledge and experience working with SIEM Solutions, QRadar, McAfee ESM, Azure Sentinel.
  • Proven experience with Office 365, Active Directory, Azure and Microsoft Exchange.
  • Strong knowledge and experience working with Linux Operating systems.
  • Good experience working with Nessus or Qualys.
  • Good understanding of the MITRE ATT&CK framework.
  • Good understanding of the ITIL Framework.
  • Brilliant with a support ticketing system and experience in meeting SLA targets.
  • Familiarity with risk management and quality assurance control.
  • Excellent interpersonal skills and professional demeanor.
  • Excellent verbal and written communication skills.
  • Candidate must be eligible to obtain National Security Clearance.
QUALIFICATIONS:
  • Grade 12.
  • SIEM Technology certification.
  • AZ-500, SC-100.
  • ITIL Foundation qualification.
  • Degree or Diploma in Computer Technology.
  • CompTIA A+, N+, S+.
  • CompTIA CySA+, CISSP and CASP+ advantageous.
ADDITIONAL SKILLS/ATTRIBUTES:
  • Advanced Microsoft Excel experience, specifically data interpretation.
  • Good understanding of IT infrastructure.
  • A high command of the English language both written and verbal is essential.
  • Self-motivated with the ability to work unsupervised.
  • Attention to detail.
  • Punctuality.
  • Excellent verbal and written communication skills.
  • Ability to remain flexible and adapt to changing priorities with promptness, efficiency, and ease.
  • Possess proficient analytical and decision-making skills.
  • Demonstrated capacity for gathering and scrutinizing data to identify issues, opportunities, and patterns.
  • Proficient relationship building skills – predict customer behavior and respond accordingly.
  • A strong service-oriented (‘can-do’) culture, with a strong focus on the ‘internal customer’ approach, committed to exceeding customer expectations.
  • Good communicator with the customer environment.
  • Dynamic but aware of the views and feelings of others.
  • Able to operate as a good team player.
  • Drive and Energy.
  • Demonstrate clear purpose, enthusiasm, and commitment.

Security Architectures

Johannesburg, Gauteng InfyStrat

Posted 2 days ago

Job Description

Overview

Contract duration: Start with 6 months

Location: JHB

Pay rate: Negotiable

Security Architectures

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA and GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities
  • Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
  • Collaborate with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
  • Provide guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
  • Model threats and risks, designing the controls necessary to mitigate them on both an organizational and technical level: thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
  • Follow the architecture analysis process, which consists of research, validation and evaluation of all new initiatives, with phase-gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMs.
  • Evaluate and select security technologies, tools, and frameworks to support the organisation’s security.
  • Define portfolio vision and reusable security patterns aligned with the EA strategy.
  • Lead architecture reviews for high-risk projects, driving recommendations to resolution.
  • Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
  • Define and apply security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
  • Lead incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
  • Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
  • Manage security architects and mentor engineers, developers and vendors.
Requirements / Skills and Competence
  • Tertiary qualification in Computer Science, Engineering, or related field (preferred)
  • Minimum of 5-10 years of experience in Security Architecture.
  • CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
  • Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
  • Experience in identifying gaps in existing architectures.
  • Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
  • Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
  • Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
  • Good experience in security architecture design in Cloud and on-prem.
  • Design and implementation of IoT, endpoint protection, and secure IAM.
  • Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
  • Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
  • Knowledge of web application architectures and threat modelling.


Security Specialist

Johannesburg, Gauteng Logicalis Group (DE)

Posted 2 days ago

Job Description

Security Specialist in Johannesburg at Logicalis

It’s not just IT solutions, It’s IT global know-how! Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.

Our customers span industries and geographical regions; and our focus is to engage in the dynamics of our customers’ vertical markets; including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and apply the skills of our 4,500 employees in modernising key digital pillars; data centre and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernisation. We are the advocates for our customers for some of the world’s leading technology companies including Cisco, HPE, IBM, CA Technologies, NetApp, Microsoft, Oracle, VMware and ServiceNow.

Logicalis employees are innovative, smart, entrepreneurial and customer centric, with a shared ambition of making Logicalis the world's leading IT Solutions provider!

We offer speedy decision-making, opportunities for personal development, and a supportive, inclusive environment that celebrates our diversity.

Join us and become a part of something epic!

ROLE PURPOSE

The Security Operations Centre will provide defence against security breaches and actively isolate and mitigate security risks. The Security Specialist forms part of the Security Operations Centre (SOC) team. The SOC Team will identify, analyse, and react to cyber security threats using a reliable set of processes and security technologies. The SOC Team includes the SOC Manager, SIEM Platform Manager, Case Manager, SOC Tier 1, 2 and 3 Analysts and Security Specialists. They work with IT operational teams to address security incidents and events quickly. The SOC Team will provide a critical layer of analysis needed to seek out any irregular activity that could suggest a security incident.

ROLE AND DELIVERY RESPONSIBILITIES:

The job role includes actively participating in the incident detection process as follows:

  • Possesses in-depth knowledge of network, endpoint, threat intelligence, forensics and malware reverse analysis, as well as the functioning of specific applications or underlying IT infrastructure
  • Acts as an incident “hunter,” not waiting for escalated incidents
  • Closely involved in developing, tuning, and implementing threat detection analytics
  • Acts as the escalation for Tier 1 and 2 SOC Analysts
  • Responds to and oversees the remediation of a declared security incident
  • Completes the Root Cause Analysis Report for P1 to P4
  • Provides guidance to Tier 1 and 2 SOC Analysts
  • Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack
  • Monitors shift-related metrics ensuring applicable reporting is gathered and disseminated to the SOC Manager
  • Makes recommendations to the SOC Manager
  • Oversees the analysis on running processes and configs on affected systems.
  • Undertakes in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted
  • Oversees the containment and recovery
  • Oversees the deep-dive incident analysis by correlating data from various sources
  • Validates if a critical system or data set has been impacted
  • Provides support for analytic methods for detecting threats
  • Conducts advanced triage based on defined run books of alerts
  • Undertakes threat intelligence research if need be
  • Validates false positives, policy violations, intrusion attempts, security threats and potential compromises
  • Undertakes security incident triage to provide necessary context prior to escalating to relevant Security Specialists to perform deeper analysis when necessary
  • Further analyses alarms by method e.g. credentials compromised and by asset class
  • Based on the correlation rules and alarms within the SIEM and run books, further analyses anomaly tactic using the MITRE ATT&CK framework
  • Analyses event and process metadata in real-time or retrospectively, and identifies suspicious files/scripts seen for the first time
  • Closes tickets in the SIEM platform – this would be automatically created into Service Now
  • Manages security incidents using the SIEM platform and defined operational procedures
  • Performs a further investigation of potential incidents, and escalates or closes events as applicable
  • Validates investigation results, ensuring relevant details are passed on to Tier 2 SOC Level 2 for further event analysis
  • Closes out deeper analysis and review activities
  • Assists senior SOC staff with operational responsibilities

PERSON REQUIREMENTS:

EXPERIENCE:

  • Strong knowledge and experience working with SIEM Solutions, QRadar, McAfee ESM, Azure Sentinel
  • Proven experience with Office 365, Active Directory, Azure and Microsoft Exchange.
  • Strong knowledge and experience working with Linux Operating systems
  • Good experience working with Nessus or Qualys
  • Good understanding of the MITRE ATT&CK framework
  • Good understanding of the ITIL Framework.
  • Brilliant with a support ticketing system and experience in meeting SLA targets.
  • Familiarity with risk management and quality assurance control.
  • Excellent interpersonal skills and professional demeanor
  • Excellent verbal and written communication skills
  • Candidate must be eligible to obtain National Security Clearance

QUALIFICATIONS:

  • Grade 12
  • AZ500, SC100
  • Degree or Diploma in Computer Technology
  • CompTIA A+, N+, S+
  • CompTIA CySa, CISSP and CASP+ advantageous

ADDITIONAL SKILLS/ATTRIBUTES:

  • Advanced Microsoft Excel experience, specifically data interpretation
  • Good understanding of IT infrastructure
  • A high command of the English language both written and verbal is essential.
  • Self-motivated with the ability to work unsupervised.
  • Punctuality
  • Excellent verbal and written communication skills
  • Ability to remain flexible and adapt to changing priorities with promptness, efficiency, and ease
  • Possess proficient analytical and decision-making skills
  • Demonstrated capacity for gathering and scrutinizing data to identify issues, opportunities, and patterns
  • Proficient relationship building skills – predict customer behavior and respond accordingly
  • A strong service-oriented (‘can-do’) culture, with a strong focus on the ‘internal customer’ approach, committed to exceeding customer expectations
  • Good communicator with the customer environment
  • Dynamic but aware of the views and feelings of others
  • Able to operate as a good team player
  • Drive and Energy
  • Demonstrate clear purpose, enthusiasm, and commitment

If you’re interested in career opportunities, but not ready to apply, join our Talent Network to stay connected to us and receive updates on the latest job opportunities and company news.


Security Engineer

Johannesburg, Gauteng Nintex

Posted 2 days ago

Job Description

About Nintex:

At Nintex, we are transforming the way people work, everywhere.

As the global standard for process intelligence and automation, we're trusted by over 10,000 public and private sector organizations across 90 countries. Our customers, from industry giants like Amazon, Coca-Cola, and Microsoft, rely on the Nintex Platform to accelerate their digital transformation journeys by managing, automating, and optimizing business processes quickly and efficiently. We improve their lives through the technology we build.

We are committed to fostering a workplace that supports amazing people in doing their very best work every day. Collaboration is constant, our workplace is fun, the environment is fast-paced, and we value our people’s curiosity, ideas, and enthusiasm. Driven by passion and accountability, we take initiative, measure progress, and deliver results. Our culture fosters innovation and problem-solving, fueled by curiosity and a commitment to thinking big. Together, we move with agility, prioritize customer needs, and build unity through empathy, leaving a positive impact wherever we go.

About the role:

The Security Engineer will implement the organization's security policies, procedures, and standards. This role requires an in-depth understanding of current and emerging threats and technology to drive innovation and improvement in all technical areas of security.

This role requires a proven background in Cloud Application Security Operations on Azure or AWS.

This role is hybrid in JHB.

Your contribution will be:

  • Manage and support vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) including scheduling, result analysis, and report generation.
  • Support and enhance SIEM platforms (e.g., Splunk, QRadar) including data ingestion, parsing, correlation rules, dashboards, and alerts.
  • Collaborate with DevOps, IT, and development teams to ensure proper tool integration and secure configurations across environments.
  • Troubleshoot and resolve issues related to security tool performance, configurations, and updates.
  • Maintain and document tool configurations, SOPs, and knowledge base articles.
  • Contribute to tool selection and evaluation processes by providing technical input and performing proof-of-concepts.
  • Oversee security tooling and strategic automation as it relates to managing remediations at scale
  • Assist in incident response and remediation of identified security-related events

To be successful, we think you need:

  • 3+ years’ experience in software security / penetration testing role, or equivalent experience
  • Experience with SIEM platforms like Splunk/QRadar etc
  • Experience supporting API security tools (e.g., AWS WAF, Cloudflare, F5, Imperva)
  • Blue team experience would be highly beneficial
  • Some cloud experience i.e. AWS/GCP/Azure

What’s in it for you?

Nintex has a hybrid working model, enabling us to build culture, learn, and grow together. We intentionally connect and collaborate, while emphasizing flexibility with a blend of at-home and in-office work. This role is a hybrid role in our local Nintex office.

While our offerings differ from country to country, we offer our entire global workforce an array of exciting perks and benefits, including

  • Global Gratitude and Recharge Days
  • Flexible, paid time off policy
  • Employee wellness programs and counseling resources
  • Meaningful peer recognition and awards
  • Paid parental leave
  • Invention/patenting assistance
  • Community impact, paid volunteer time, and opportunities
  • Intercultural learning and celebration
  • Multiple tools through which to learn and grow, and an incredible global community

View more about our benefits here: .

Equity Statement: Preference will be given to People Living with Disability who are members of the designated groups in line with the Employment Equity Plan and Targets of the Company.
