35 National Security jobs in South Africa

SIMFY AFRICA

SECURITY SPECIALIST - Fixed Term Contract

Purpose & Context:

We are seeking a highly skilled and experienced Security Specialist with a strong background in Site Reliability Engineering (SRE) and DevSecOps. In this role, you will be a key player in designing, implementing, and maintaining secure, scalable, and resilient cloud infrastructure. You will champion security best practices throughout the software development lifecycle (SDLC) while applying SRE principles to ensure high system availability, performance, and operational efficiency.

Simfy Africa, an OPCO of MTN is entering a new phase in its lifecycle in which the key focus is on delivering technology components to support the MTN consolidated app as well as maintain and support the ayoba SuperApp product until its sunset.

The incumbent must therefore ensure the successful delivery in context of:

• An expertise-based multicultural organisation
• A dynamic and evolving field of Telecommunications & Platform based businesses
• Evolving industry sector constantly presenting new challenges and opportunities to the core business

Key Performance Areas:

The Security Specialist
is responsible across the following areas:

Secure Infrastructure and Application Lifecycle:

• Design, implement, and maintain secure and scalable cloud infrastructure using Infrastructure as Code (IaC) principles (e.g., Terraform, Ansible).
• Integrate security controls and automated security testing (e.g., SAST, DAST, SCA) into CI/CD pipelines.
• Conduct threat modeling and risk assessments during the design phase of applications and infrastructure.
• Implement and manage cloud security controls, including IAM, network security (Security Groups, WAFs), data encryption, and secrets management.
• Manage and respond to security incidents and vulnerabilities, ensuring timely remediation and post-incident analysis.
• Stay abreast of the latest offensive security practices and techniques.

Site Reliability & Operations:

• Apply SRE principles to continuously improve system reliability and performance.
• Define, measure, and enforce Service Level Objectives (SLOs) and Service Level Indicators (SLIs).
• Automate operational tasks and "toil" to free up time for engineering work.
• Implement and optimize observability pipelines (logging, monitoring, and alerting) using tools like Prometheus, Grafana, and ELK stack.
• Conduct post-mortems for incidents and drive a culture of blameless problem-solving.
• Perform capacity planning and performance optimization to ensure systems can handle future growth.

Automation and Tooling:

• Integrate security practices CI/CD pipelines for both infrastructure and application deployments.
• Script solutions for automation tasks using languages like Python, Bash, or Go.
• Manage and orchestrate containerized workloads using technologies like Docker and Kubernetes.
• Implement Policy as Code (PaC) to enforce security and compliance standards.

Collaboration and Culture:

• Collaborate closely with development, operations, and security teams to embed a culture of shared responsibility and continuous improvement.
• Promote "shift-left" security, encouraging developers to consider security early in the development process.

Job Requirements

Education:

• 3 + years Tertiary qualification in Computer Science, Computer Engineering or a related field
• Relevant certifications (e.g., AWS Certified DevOps Engineer, Certified Kubernetes Administrator, Certified DevSecOps Professional)

Experience:

• 5+ years of professional software development experience
• Proven experience in a DevSecOps, SRE, or Cloud Engineering role with a strong focus on security and reliability
• Hands-on experience with containerization technologies (Docker) and orchestration platforms (Kubernetes)
• Experience with secrets management solutions (e.g., HashiCorp Vault, AWS Secrets Manager)
• Experience with monitoring and observability tools (e.g., Prometheus, Grafana, Datadog)
• Experience with chaos engineering and/or resilience testing

Competencies:

Functional Knowledge:

• CI/CD pipeline tools (Proficient)
• MTN policies and procedures understanding (Proficient)
• Continuous improvement (Intermediate)
• Modern cloud platforms particularly AWS (S3, CloudWatch, DynamoDB, ElastiCache) (Proficient)

Technical skills

• Proficiency in at least one scripting/programming language (e.g., Python, Bash, Go)
• Security frameworks and standards (e.g., CIS Benchmarks, NIST) (Intermediate)
• Network security, system hardening, and vulnerability management (Proficient)
• Infrastructure and platforms management (Intermediate)
• Data management (Intermediate)

Behavioural Qualities

·   Collaboration (Proficient)

·   Problem-solving (Proficient)

·   Verbal and written communication skills (Proficient)

·   Accountability (Proficient)

·   Adaptability (Intermediate)

·   Interpersonal Skills (Proficient)

·   Highly Organised

·   Attention to Detail

·   Time Management

·   Proactive & Self Driven

·   Resilient

·   Operationally Astute

·   Emotional Maturity

Please see announcement on USAJOBS for available locations.

Summary
Organizational Location: This position is with the Department of Homeland Security, within U.S. Customs and Border Protection, Office of Intelligence, Intelligence Enterprise - Security Division. Location is negotiable for the following locations: New Orleans, LA New York, NY Miami, FL Tucson, AZ Edinburgh, TX Los Angeles, CA Bellingham, WA Del Rio, TX Washington, DC Sterling, VA Selfridge, MI Detroit, MI San Diego, CA

Duties
In this position, you will serve as a Security Specialist, overseeing the implementation of programs and policies related to Personnel Security (PERSEC), Information Security (INFOSEC), Physical Security and Communications Security (COMSEC), Facilities and Emergency Preparedness. This position starts at a salary of $88, GS-12, Step 1) to $37, GS-13, Step 10) with promotion potential to 137,000 (GS-13 Step 10). GS Salary: Visit this link to view the locality pay tables by geographic area. If you do not see your geographic area listed, select the "Rest of United States" pay table. Some positions fall under a special pay rate depending on the series, grade level and location of the position. Please visit this link to view special pay rate charts. Major Duties for this position include, but are not limited to: Assisting in maintenance of personnel security records and conducting appropriate Special Compartmented Information (SCI) briefings/debriefings as assigned for cleared personnel. Making extensive independent technical judgements concerning the interpretation and implementation of existing security procedures, methods, and in deciding which analytical and technical decisions form the basis for major security program policy and operational decisions by upper management. Serving as Communications Security (COMSEC)/Top Secret Special Compartmented Information (TS/SCI) Manager. Safeguarding, accounting for and when necessary, destruction of TOP SECRET COMSEC material, cryptographic communication, keying material, and equipment. Providing advice, assistance, and guidance to supervisors, managers, and employees on complex physical security matters concerning the integrity of the Special Compartmented Information Facility (SCIF).

Requiremennts
You must be a U.S. Citizen to apply for this position Males born after 12/31/1959 must be registered with Selective Service Primary U.S. residency for at least three of the last five years (additional details below) All pre-employment processes will be conducted in English You may be required to pass a background investigation CBP follows the DHS Drug-Free Workplace Plan for drug testing procedures As an employee of CBP, you will be joining a workforce that is dedicated to accomplishing our mission while maintaining the trust of our Nation by strictly adhering to all government ethics standards. Your conduct will be subject to the ethics rules applicable to all Executive Branch employees, and to CBP employees specifically, as well as the criminal conflict of interest statutes. Once you enter on duty, these rules include obtaining approval for outside employment or business activity, to ensure such employment or business activity is not prohibited and does not interfere or conflict with performance of your official duties. Please review further details via the following link. DHS uses E-Verify, an internet-based system, to confirm the eligibility of all newly hired employees to work in the United States. Learn more about E-Verify including your rights and responsibilities. Bargaining Unit: This position is not covered under the bargaining unit. Security Clearance: The incumbent must obtain and maintain a Top Secret/SCI clearance.

Qualifications
Experience GS-12: You qualify for the GS-12 grade level if you possess 1 year of specialized experience equivalent to at least the next lower grade level, performing duties such as: Interpreting new or proposed legislation, directives, and other agency guidance, to recommend and develop internal security programs policies and procedures to support Sensitive Compartmented Information (SCI) operations. Providing technical assistance and direct support to management staff on all matters related to security service programs on the integrity of the Sensitive Compartmented Information (SCI) facilities. Overseeing Sensitive Compartmented Information (SCI) facilities and equipment, while maintaining contacts with federal agencies and established security policies, objectives, and regulations. Overseeing Top Secret/ Sensitive Compartmented Information (TS/SCI) facilities and equipment, while maintaining contacts with federal agencies and established security policies, objectives, and regulations. Overseeing the implementation and coordination of research and analysis of security programs to support SCIF lifecycle functions. Experience GS-13: You qualify for the GS-13 grade level if you possess 1 year of specialized experience equivalent to at least the next lower grade level, performing duties such as: Providing proficient Sensitive Compartmented Information (SCI) briefings and debriefings on security fractions, violations, and assists in official inquiries when appropriate. Managing various Sensitive Compartmented Information (SCI) administrative actions to closely examine security legislation or revised security regulations and to reevaluate and make recommendations concerning expected impact on programs, missions, and future strategic plans. Facilitating with other federal agencies as an expert security advisor to leadership and management on security planning, resource allocation, systems, and programs to better secure Top Secret/ Sensitive Compartmented Information (TS/SCI) facilities and equipment. Serving as program coordinator for Sensitive Compartmented Information (SCI) facilities and equipment impacting operational readiness, safety and the security of technical systems which affect federal agencies, private entities, and the general public. NOTE: Your resume must explicitly indicate how you meet this requirement, otherwise you will be found ineligible. Please see the "Required Documents" section below for additional resume requirements. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. You must: Meet all qualification requirements, including education if applicable to this position, subject to verification at any stage of the application process; and Meet all applicable Time in Grade requirements (current federal employees must have served 52 weeks at the next lower grade or equivalent grade band in the federal service) by 10/03/2025. The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office. Background Investigation: U.S. Customs and Border Protection (CBP) is a federal law enforcement agency that requires all applicants to undergo a thorough background investigation prior to employment in order to promote the agency's core values of vigilance, service to country, and integrity. During the screening and/or background investigation process, you will be asked questions regarding any felony criminal convictions or current felony charges, the use of illegal drugs (e.g., marijuana, cocaine, heroin, LSD, methamphetamines, ecstasy), and the use of non-prescribed controlled substances including any experimentation, possession, sale, receipt, manufacture, cultivation, production, transfer, shipping, trafficking, or distribution of controlled substances. For additional information on the preemployment process, review the following link: Applicant Resources | CBP Careers Residency: There is a residency requirement for all applicants not currently employed by CBP. Individuals are required to have physically resided in the United States or its protectorates (as declared under international law) for at least three of the last five years. If you do not meet the residency requirement and you have been physically located in a foreign location for more than two of the last five years, you may request an exception to determine if you are eligible for a residency waiver by meeting one or more of the following conditions: Working for the U.S. Government as a federal civilian or as a member of the military A dependent who was authorized to accompany a federal civilian or member of the military who was working for the U.S. government Participation in a study abroad program sponsored by a U.S. affiliated college or university Working as a contractor, intern, consultant or volunteer supporting the U.S. government Probationary Period: All employees new to the federal government must serve a one year probationary period during the first year of his/her initial permanent federal appointment to determine fitness for continued employment. Current and former federal employees may be required to serve or complete a probationary period. Agency Career Transition Assistance Program (CTAP) or the Interagency Career Transition Assistance Program (ICTAP) Eligibles: If you have never worked for the federal government, you are not CTAP/ICTAP eligible. View information about CTAP/ICTAP eligibility on OPM's Career Transition Resources website. To be considered well qualified under CTAP/ICTAP, you must be rated at a minimum score of 85 for this position. In addition, you must submit the supporting documents listed under the Required Documents section of this announcement. Reasonable Accommodation (RA) Requests: If you believe you have a disability (i.e., physical or mental), covered by the Rehabilitation Act of 1973 as amended that would interfere with completing the USA Hire Competency Based Assessments, you will be granted the opportunity to request a RA in your online application. Requests for RA for the USA Hire Competency Based Assessments and appropriate supporting documentation for RA must be received prior to starting the USA Hire Competency Based Assessments. Decisions on requests for RA are made on a case-by-case basis. If you meet the minimum qualifications of the position, after notification of the adjudication of your request, you will receive an email invitation to complete the USA Hire Competency Based Assessments, based on your adjudication decision. You must complete all assessments within 48 hours of receiving the URL to access the USA Hire Competency Based Assessments, if you received the link after the close of the announcement. To determine if you need a RA, please review the Procedures for Requesting a Reasonable Accommodation for Online Assessments here.

Education
Please see the Qualifications and Required Documents sections for more information if education is applicable to this position.

Additional Information
This announcement will be open for 5 business days OR until the first 150 applications have been received, whichever happens first. Additional selections may be made for other organizational divisions and/or units within the duty location(s) listed above. Relocation Funding or Relocation Incentive MAY be offered - In accordance with Agency policy and eligibility requirements, you MAY be eligible for either relocation funding OR a relocation incentive based on the following: Fully funded relocation MAY be offered for position OCONUS Lump Sum (VRP) relocation funding MAY be offered to current CBP employees moving into CONUS positions Relocation Incentive MAY be offered for current federal employees outside of CBP Additional Hiring and Special Appointing Authorities: See "THIS JOB IS OPEN TO" section above for what additional Appointing Authorities may apply. Veterans, military spouses, Peace Corps/VISTA volunteers, and people with disabilities possess a wealth of unique talents, experiences, and competencies that can be invaluable to the DHS mission. If you are a member of one of these groups, you may not have to compete with the public for federal jobs. To determine your eligibility and to understand what documentation would be required with your application, please click on the appropriate link below. You must provide documentation supporting your eligibility prior to the closing date of this announcement. If you have any questions regarding your eligibility, please contact the CBP Hiring Center via the contact information listed at the end of this job opportunity announcement. Veterans Military spouses Effective until December 31, 2028, any spouse of a member on active duty may be eligible Individuals with Disabilities The proof of disability documentation must specify that you are eligible to apply using Schedule A. It does NOT need to detail your specific disability, medical history or need for accommodation. For more information visit this link. Peace Corps and VISTA Land Management Hiring Flexibility Act: The following documents are required at the time of application: SF-50s to demonstrate that you meet the eligibility requirements and the most recent performance rating signed by your supervisor or a statement from your supervisor documenting acceptable performance. Other miscellaneous hiring authorities Positions with known promotion potential do not guarantee promotion, nor is the promise of promotion implied.

Customs & Border Protection (CBP): Securing America's Borders The Department of Homeland Security (DHS) is calling on those who want to help protect American interests and secure our Nation. DHS Components work collectively to prevent terrorism; secure borders and our transportation systems; protect the President and other dignitaries; enforce and administer immigration laws; safeguard cyberspace; and ensure resilience to disasters. We achieve these vital missions through a workforce spanning hundreds of occupations. Make an impact; join DHS. Discover a challenging and rewarding career with U.S. Customs and Border Protection (CBP), the sole organization responsible for securing the nation's borders. At CBP, we: Secure and enforce trade and travel while enforcing hundreds of U.S. regulations, including immigration and drug laws Screen passengers, vehicles, and shipments entering our country Seize illegal narcotics, vehicles, and agricultural products and prohibited goods. Prevent unauthorized entry into the country Rescue individuals who fall into dangerous conditions traversing our border Find us on X at @CBP and @CBPJobs Find us on LinkedIn at U.S. Customs and Border Protection CBP employees demonstrate the highest level of commitment to protect and serve the United States of America and to exemplify the CBP Core Values of Vigilance, Service to Country and Integrity. Learn more about CBP's mission, core values and careers

Why choose Logicalis?

It's not just IT solutions, It's IT global know-how Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.

Our customers span industries and geographical regions; and our focus is to engage in the dynamics of our customers' vertical markets; including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and apply the skills of our 4,500 employees in modernising key digital pillars; data centre and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernisation. We are the advocates for our customers for some of the world's leading technology companies including Cisco, HPE, IBM, CA Technologies, NetApp, Microsoft, Oracle, VMware and ServiceNow

Logicalis employees are innovative, smart, entrepreneurial and customer centric, with a shared ambition of making Logicalis the worlds leading IT Solutions provider

We offer speedy decision-making, opportunities for personal development, and a supportive, inclusive environment that celebrates our diversity.

Join us and become a part of something epic

ROLE PURPOSE
The Security Operations Centre will provide defence against security breaches and actively isolate and mitigate security risks. The Security Specialist forms part of the security operations centre SOC team. The SOC Team will identify, analyse, and react to cyber security threats using a reliable set of processes and security technologies. The SOC Team includes the SOC Manager, SIEM Platform Manager, Case Manager, SOC Tier 1,2 and 3 Analysts and Security Specialists. They work with IT operational teams to address security incidents and events

quickly. The SOC Team will provide a critical layer of analysis needed to seek out any irregular activity that could suggest a security incident.

ROLE AND DELIVERY RESPONSIBILITIES:
The job role includes actively participating in the incident detection process as follows:

• Possesses in-depth knowledge of network, endpoint, threat intelligence, forensics and malware reverse Analysis, as well as the functioning of specific applications or underlying IT infrastructure
• Acts as an incident "hunter," not waiting for escalated incidents
• Closely involved in developing, tuning, and implementing threat detection analytics
• Acts as the escalation for Tier 1 and 2 SOC Analysts
• Responds to and oversees the remediation of a declared security incident
• Completes the Root Cause Analysis Report for P1 to P4
• Provides guidance to Tier 1 and 2 SOC Analysts
• Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack
• Monitors shift-related metrics ensuring applicable reporting is gathered and disseminated to the SOC Manager
• Make recommendations to the SOC Manager
• Oversees the analysis on running processes and configs on affected systems.
• Undertakes in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted
• Oversees the containment and recovery
• Oversees the deep-dive incident analysis by correlating data from various sources
• Validates if a critical system or data set has been impacted
• Provides support for analytic methods for detecting threats
• Conducts advanced triage based on defined run books of alerts
• Undertakes threat intelligence research if need be
• Validates false positives, policy violations, intrusion attempts, security threats and potential compromises
• Undertakes security incident triage to provide necessary context prior to escalating to relevant Security Specialists to perform deeper analysis when necessary
• Further analyses alarms by method e.g. credentials compromised and by asset class
• Based on the correlation rules and alarms within the SIEM and run books, further analyses anomaly tactic using the MITRE ATT&CK framework
• Analyses event and process metadata in real-time or retrospectively, and identify suspicious files/scripts seen for the first time
• Closes tickets in the SIEM platform – this would be automatically created into Service Now
• Manages security incidents using the SIEM platform and defined operational procedures
• Performs a further investigation of potential incidents, and escalate or close events as applicable
• Validates investigation results, ensuring relevant details are passed on to Tier 2 SOC Level 2 for further event analysis
• Closes out deeper analysis and review activities
• Assist senior SOC staff with operational responsibilities

PERSON REQUIREMENTS:
EXPERIENCE:

• Strong knowledge and experience working with SIEM Solutions, QRadar, McAfee ESM, Azure Sentinel
• Proven experience with Office 365, Active Directory, Azure and Microsoft Exchange.
• Strong knowledge and experience working with Linux Operating systems
• Good experience working with Nessus or Qualys
• Good understanding of the MITRE ATT&CK framework
• Good understanding of the ITIL Framework.
• Brilliant with a support ticketing system and experience in meeting SLA targets.
• Familiarity with risk management and quality assurance control.
• Excellent interpersonal skills and professional demeanor
• Excellent verbal and written communication skills
• Candidate must be eligible to obtain National Security Clearance

QUALIFICATIONS:

• Grade 12
• SIEM Technology certification.
• AZ500,SC100
• ITIL Foundation qualification
• Degree or Diploma in Computer Technology
• CompTIA A+, N+ S+
• CompTIA CySa, CISSP and CASP+ advantageous

ADDITIONAL SKILLS/ATTRIBUTES:

• Advanced Microsoft Excel experience, specifically data interpretation
• Good understanding of IT infrastructure
• A high command of the English language both written and verbal is essential.
• Self-motivated with the ability to work unsupervised.
• Attention to detail
• Punctuality
• Excellent verbal and written communication skills
• Ability to remain flexible and adapt to changing priorities with promptness, efficiency, and ease
• Possess proficient analytical and decision-making skills
• Demonstrated capacity for gathering and scrutinizing data to identify issues, opportunities, and patterns
• Proficient relationship building skills – predict customer behavior and respond accordingly
• A strong service-oriented ('can-do') culture, with a strong focus on the 'internal customer' approach, committed to exceeding customer expectations
• Good communicator with the customer environment
• Dynamic but aware of the views and feelings of others
• Able to operate as a good team player
• Drive and Energy
• Demonstrate clear purpose, enthusiasm, and commitment

Job opportunity for
Cyber Security Specialist
based in
Johannesburg, SA
- Contract

Responsibilities:

• Cloud architecture, network architecture
• Threat assessment
• IAM tools
• Application Security-ethical hacking, penetration testing
• Evaluate and oversee the security of outsourced / third-party technologies and hosting environments to ensure they provide adequate protection for the processing, transmission, and storage of client information
• Implement reference architecture for integrating with third parties and partners − Implement mechanisms for vetting and implementing integration with cloud providers
• Develop and implement architectural and development standards for third party technologies
• Experience in designing and implementing cybersecurity systems architectures

Minimum Requirements

Education

• Minimum of 3 years tertiary qualification in Information Technology/Engineering
• CISSP / CISM / CGEIT certification (one of)
• SABSA, Cloud Security and/or TOGAF qualification will be an advantage
• Business analysis/architecture qualifications
• Other qualifications (CompTIA Security+, ITIL, COBIT) are an advantage
• Fluent in English

Experience

• Minimum of 3+ years of relevant work experience in Information Security
• Experience in designing and implementing cybersecurity systems architectures
• Experience in managing and implementing large-scale security projects
• Advanced working understanding of the information technology environment of a telecom company
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions
• Other security experience such as NAC, Cisco ISE, CASB Solution Netskope, Web security technologies, architecture, operations, GRC, OWASP, etc.
• Able to provide the Project and existing Security teams the necessary guidance to build policies, standards, risks, and controls frameworks that meet MTN Group and operational requirements of the business
• Good experience in security architecture design in Cloud and on-prem
• Design and implementation of NGFW PA/Fortinet/IoT/Endpoint protection/multi-factor authentication
• Understanding of authentication and authorization technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, AD security products
• Knowledge of web application architectures

CV should have keywords
:

• Cloud architecture, network architecture
• Threat assessment
• IAM tools
• Evaluate and oversee the security of outsourced / third-party technologies and hosting environments to ensure they provide adequate protection for the processing, transmission, and storage of MTN's information: − Implement reference architecture for integrating with third parties and partners − Implement mechanisms for vetting and implementing integration with cloud providers − Develop and implement architectural and development standards for third party technologies

Experience in designing and implementing cybersecurity systems architectures.

About the Role

As a Cyber Security Specialist, you will play a pivotal role in proactively identifying, evaluating, and reducing the attack surface of our organization. Reporting to the Senior Director of Security Operations, you will leverage cutting-edge tools, threat intelligence, and cross-functional collaboration to ensure our external and internal digital assets are continuously monitored, inventoried, and protected.

What You'll Do

• Attack Surface Discovery: Continuously identify and catalogue all external and internal assets (cloud, on-premises, IoT, third-party systems, etc.) using automated and manual discovery techniques.
• Vulnerability Management: Evaluate discovered assets for vulnerabilities and misconfigurations; prioritize remediation efforts based on risk and business impact.
• Threat Intelligence Integration: Correlate attack surface data with threat intelligence to contextualize findings and anticipate emerging risks.
• Attack Surface Reduction: Partner with IT, DevOps, and application teams to minimize unnecessary exposures and streamline asset footprint.
• Incident Response Support: Provide asset and exposure data during security incident investigations to enable rapid containment and remediation.
• Reporting & Metrics: Develop and present clear, actionable reports and dashboards for technical and executive audiences, including trend analysis and attack surface KPIs.
• Tool Evaluation & Management: Assess, deploy, and manage Attack Surface Management (ASM) platforms and related technologies.
• Policy Development: Contribute to security policies, standards, and best practices surrounding asset inventory and exposure management.
• Awareness & Training: Educate stakeholders on attack surface risks and mitigation strategies.
• Security Strategy: support the successful execution of the Security Strategy.

What You'll Bring

• Experience: 3+ years in cyber security, with a focus on attack surface management, asset discovery, or vulnerability management in a large enterprise or technology environment.
• Technical Skills: Strong understanding of networking, web technologies, cloud platforms (AWS, Azure, GCP), and security tooling (ASM, EDR, SIEM, etc.) and vulnerability scanning tools.
• Analytical Abilities: Proficient in risk assessment, data analysis, and correlating technical findings with business risk.
• Collaboration: Demonstrated ability to work with cross-functional teams, including IT, application development, and business units.
• Certifications: Relevant security certifications preferred (e.g., CISSP, OSCP, GIAC, CompTIA Security+).
• Communication: Excellent written and verbal communication skills; ability to convey complex technical issues to diverse audiences.
• Familiarity with regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS) and how they impact asset and exposure management.
• Experience with automation and scripting for asset discovery and reporting (e.g., Python, PowerShell).
• Background in incident response and digital forensics.

What Join Us?

You will be a key contributor to the organization's proactive cyber defence posture, directly supporting the Senior Director of Security Operations and influencing how the company manages digital risk in a dynamic technology landscape.

The base salary range for this position is R560,000 R840,000 plus benefits. This range represents the minimum and maximum new hire compensation for this role. The position may also be eligible for incentive plans and additional benefits, in accordance with company policy and local regulations. Our salary ranges are determined by role, level, and location with individual compensation also dependent on factors such as qualifications, experience, and skills. Final offers will reflect these considerations and may vary accordingly.

#LI-YK1

Belonging at Mimecast

Cybersecurity is a community effort. That's why we're committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they're a cybercriminal, of course.

We're proud to be an Equal Opportunity and Affirmative Action Employer, and we'd encourage you to join us whatever your background. We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won't affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.

Cyber Security Specialist (Vuln Mgmt Focused)

Department:
Managed Services – Cyber Security

Work Location: -
Remote

Shift Pattern:

Daytime working only, working a shift pattern of either 7am - 3:30pm, 9-5:30 or 10:30am – 7pm UK working hours

37.5 Hour week (7.5 hour days plus Lunch)

Job Purpose

This role is for someone to come into the Cyber Security Operations team with a focus on Vulnerability Management and Cyber Operations. We are seeking a highly skilled and motivated individual to join our cybersecurity team. The ideal candidate will be responsible for end-to-end vulnerability management and cyber incident management for our customers, with more focus on the Vulnerability side. This role requires a deep understanding of cybersecurity principles, excellent analytical skills, and the ability to work collaboratively with cross-functional teams.

Key Accountabilities

• Conduct regular vulnerability assessments and penetration testing on network, systems, and applications.
• Analyze and prioritize vulnerabilities based on risk and potential impact to the organization.
• Develop and implement remediation plans to address identified vulnerabilities
• Collaborate with IT and development teams to ensure timely resolution of security issues.
• Stakeholder reporting, planning & co-ordination
• Stay up to date with the latest cybersecurity threats, trends, and technologies, and have a general interest in Cyber Security

Person Specification

Professional Experience, Skills and Attributes

Must have experiences

• Vulnerability Detection – Tenable Ideally (Proficient and knowledgable on the product)
• Core Cyber Vulnerability & Threat Management – ie not tooling based, awareness of things like CVSS, Risk, Vulnerability Management & remediation programmes
• Microsoft Security Suite at least from a reporting/review perspective (Azure, Intune, Defender Suite)

Key Skills

• Previous experience in vulnerability & risk management / Security Incident Response
• Familiarity with ticketing systems in a managed service environment, ensuring tickets are managed and updated accordingly
• Knowledge in Patch Management and approach/processes linked to it
• Behaviours
• Can work well as part of a team, and individually. Workload can vary and must be prioritised accordingly as needed
• Conscientious with good attention to detail aiming to deliver quality to our customers

Values

The post holder requires the ability to demonstrate, understand and apply Ultima's values which are embedded in all roles:

• Excellence - Consistently goes the extra mile to deliver what's best for the business
• Collaboration - Works openly and constructively with others across teams and functions, valuing diverse perspectives to achieve shared goals
• Innovation - Challenge the status quo, and actively seek new ways to improve processes, services, and outcomes.
• Transparency - Communicate openly and honestly
• Empowerment - Take ownership, make informed decisions, and support others to do the same

Our Commitment to You

We're proud to be an equal opportunity, Disability Confident employer. At Ultima, we celebrate our differences and strive to build an environment where everyone feels respected, valued, and able to succeed.

Not sure you meet every single requirement?

People from underrepresented groups may be less likely to apply unless they meet every qualification. At Ultima, we're committed to building a diverse and inclusive workplace, so even if your experience doesn't align perfectly, we encourage you to apply. You might be exactly who we're looking for.

Apply now, or reach out to our Talent team if you have any questions. We're always happy to chat about how we can make work, work for you.

You will define and implement an IT Security Strategy aligned to Group standards, tailored to each business unit's risk profile. The role will assess and monitor cybersecurity risks, lead divisional maturity assessments, and develop roadmaps to address identified vulnerabilities. You will advise IT Managers on secure architecture, operations, and incident response to ensure robust protection across the division.

Reporting indirectly to the Group Head of IT, the officer will provide guidance across business units, manage divisional monitoring and alerting leveraging Group tools, and drive the rollout of security technologies and risk-based controls. Key responsibilities include creating security strategies, conducting risk and vulnerability assessments, auditing privileged accounts, handling incidents, and coordinating IT projects and audits.

The role also focuses on building cyber awareness, upskilling IT teams, and ensuring audit readiness through ITGCs, application control reviews, and remediation of findings. Strong collaboration with Group IT, suppliers, and auditors will be essential.

This position suits a confident, technically strong leader who can think strategically, identify and address cybersecurity risks, drive compliance, and proactively safeguard the division's IT environments.

Essential Requirements:

• Bachelor's degree in Information Systems or Computer Science.
• 7–10 years in information security, with proven experience in cybersecurity risk assessment and management, vulnerability management, secure configuration, and incident response.
• Expertise in ISO/IEC 27001, NIST, IT governance, and relevant legislation.
• Knowledge of network, cloud, infrastructure, and endpoint protection.
• Professional certifications such as CISSP, CISM, or CEH.