111 Penetration Tester jobs in South Africa
Penetration Tester (Security Analyst)
Posted 5 days ago
Job Viewed
Job Description
ENVIRONMENT
A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester /Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.
DUTIES Penetration Testing Duties- Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
- Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
- Conduct network penetration tests
- Conduct application penetration tests (web and thick client)
- Conduct wireless and mobile security assessments
- Conduct social engineering assessments
- Conduct physical security assessments
- Effectively communicate successes and obstacles with fellow team members and line managers
- Interface with client contact(s) and staff in a constructive and professional manner
- Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
- Utilise common vulnerability assessment and penetration testing tools
- Working as part of a Red Team and assisting with the following duties (but not limited to):
- Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
- Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
- Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
- Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
- Escalate privileges and maintain persistence
- Exfiltrate and / or complete objectives
- Research new vulnerabilities with a focus on high-profile products
- Understand the terminology and tactics employed by threat actors Research new attack methods
- Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
- Previous Red Team experience required
Penetration Tester
Posted today
Job Viewed
Job Description
We are seeking a versatile Security Specialist who can combine deep hands-on expertise in ethical hacking and security testing with a strong understanding of governance, risk, and compliance (GRC). This person will ensure our systems are continuously tested for vulnerabilities while also aligning our practices with regulatory and organizational security requirements.
Key Responsibilities:
- Conduct penetration testing, ethical hacking, and vulnerability assessments using industry-standard tools (e.g., BurpSuite, OWASP ZAP, Metasploit, etc.).
- Identify, document, and report security vulnerabilities, providing remediation guidance to development and operations teams.
- Develop and maintain GRC frameworks, policies, and procedures in line with industry standards (ISO 27001, NIST, GDPR, POPIA, etc.).
- Support risk assessments, audits, and compliance initiatives.
- Act as a bridge between technical security testing and compliance-driven governance activities.
- Provide security awareness and compliance training as needed.
Key Skills & Experience:
- Proven experience as a penetration tester, ethical hacker, or security engineer.
- Familiarity with GRC frameworks, regulatory compliance, and audit processes.
- Strong knowledge of application, cloud, and infrastructure security.
- Excellent communication and reporting skills to both technical and non-technical stakeholders.
- Relevant certifications desirable (e.g., OSCP, CEH, CISSP, CISM, ISO 27001 Lead Implementer/Auditor).
Penetration Tester
Posted today
Job Viewed
Job Description
Relevant experience
• 7-10 years of experience testing IT systems.
• Specialization in API and cloud pen testing.
• Individual must be proficient in crafting reports for business audiences.
Required certifications (Any one)
• OSEP
• OSWE
• CRTE
• CEH
Key responsibilities
• Responsible for testing IT systems by simulating attacks and exploiting vulnerabilities.
• Expertise in offensive security frameworks and delivering actionable insights is required.
Junior Penetration Tester
Posted today
Job Viewed
Job Description
Key Responsibilities:
Assist in performing penetration testing on servers, networks, and applications.
Support simulated attack scenarios to uncover vulnerabilities.
Help prepare detailed threat assessment reports.
Assist in conducting basic physical security checks on systems and devices.
Collaborate with teams to implement recommended security improvements.
Support the management and security of SQL databases under supervision.
Key Competencies:
Willingness to learn and develop new skills in penetration testing and cybersecurity.
Attention to detail and strong ethical standards.
Ability to work collaboratively in a team environment.
Curiosity and initiative to explore security vulnerabilities and solutions.
IT, Computer Science, or related qualification (preferred).
Security certification in progress or completed (e.g., CEH, CompTIA Security+, OSCP – beginner level preferred).
2 years in a security-focused experience (Must have)
Basic knowledge of networking, ICT technologies, and security tools.
Strong analytical, problem-solving, and communication skills.
Familiarity with coding or scripting in Python, HTML, JavaScript, CSS, or SQL is advantageous.
Between 1 - 3 Years
Cyber Security Specialist / Penetration Tester
Posted 16 days ago
Job Viewed
Job Description
- Country: South Africa
- Location: Cape Town or Gauteng
- Sector: Security Engineers / Consultants
- Salary: Rand Negotiable
- Job Type: Contract
- Technologies: Cyber Security, Penetration Testing, Ethical Hacker
Posted Thursday, 16 September 2021
Endeavour Recruitment has an excellent permanent opportunity for a Cyber Security Analyst / Penetration Tester to join a leading company in the Private Sector with offices based in both Cape Town and Johannesburg. Excellent career prospects!
The chosen candidate will join the Cyber Security team and will be responsible for evaluating and strengthening the security posture through continuous vulnerability and security assessments.
Responsibilities / Duties
- Perform penetration testing and security assessments across the technology landscape
- Be responsible for vulnerability management
- Review, configure and maintain EDR solution
- Actively engage with teams and providers to architect and implement solutions to enhance security
- Continuous proactive improvement of existing processes and security control systems
- Define threat models and organically grow the threat hunting capability
- IT security incident management and monitoring
- IT security risks management
- Provide well-written, concise, technical and non-technical reports
- Assist with the resolution of audit findings
- This role may require standby from time to time
Experience required
- A relevant certification/tertiary qualification in IT Security
- Minimum of 3 years of cyber security experience
- Experience in penetration testing tools
- Experience within mobile security assessments, vulnerability and/or malware analysis, security solutions and cloud technologies advantageous
- Understanding of security best practices in a mixed Windows/Linux environment, attack methodologies and OWASP
Required skills
- Strong analysis and problem-solving skills
- Strong work ethic and willingness to learn
- Good written and verbal communication skills
- Ability to manage and prioritize objectives with overlapping time constraints
- The ability to work independently and as a team member
Please get in touch for further details on this not to be missed permanent opportunity. We look forward to receiving your CV!
#J-18808-LjbffrCyber Security Specialist / Penetration Tester
Posted 16 days ago
Job Viewed
Job Description
- Country: South Africa
- Location: Cape Town or Gauteng
- Sector: Security Engineers / Consultants
- Salary: Rand Negotiable
- Job Type: Contract
- Technologies: Cyber Security, Penetration Testing, Ethical Hacker
Posted Thursday, 16 September 2021
Endeavour Recruitment has an excellent permanent opportunity for a Cyber Security Analyst / Penetration Tester to join a leading company in the Private Sector with offices based in both Cape Town and Johannesburg. Excellent career prospects!
The chosen candidate will join the Cyber Security team and will be responsible for evaluating and strengthening the security posture through continuous vulnerability and security assessments.
Responsibilities / Duties
- Perform penetration testing and security assessments across the technology landscape
- Be responsible for vulnerability management
- Review, configure and maintain EDR solution
- Actively engage with teams and providers to architect and implement solutions to enhance security
- Continuous proactive improvement of existing processes and security control systems
- Define threat models and organically grow the threat hunting capability
- IT security incident management and monitoring
- IT security risks management
- Provide well-written, concise, technical and non-technical reports
- Assist with the resolution of audit findings
- This role may require standby from time to time
Experience required
- A relevant certification/tertiary qualification in IT Security
- Minimum of 3 years of cyber security experience
- Experience in penetration testing tools
- Experience within mobile security assessments, vulnerability and/or malware analysis, security solutions and cloud technologies advantageous
- Understanding of security best practices in a mixed Windows/Linux environment, attack methodologies and OWASP
Required skills
- Strong analysis and problem-solving skills
- Strong work ethic and willingness to learn
- Good written and verbal communication skills
- Ability to manage and prioritize objectives with overlapping time constraints
- The ability to work independently and as a team member
Please get in touch for further details on this not to be missed permanent opportunity. We look forward to receiving your CV!
#J-18808-LjbffrTechnical Security Analyst
Posted today
Job Viewed
Job Description
Be The First To Know
About the latest Penetration tester Jobs in South Africa !
Technical Security Analyst
Posted 1 day ago
Job Viewed
Job Description
Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only
As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.
You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.
From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!
Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.
Responsibilities
- Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
- Access, read, and interpret server logs, audit trails, and system data to support investigations
- Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
- Support segregation of duties analysis and remediation
- Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
- Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
- Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
- Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
- Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
- Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
- Vulnerability Management - Track patching and configuration compliance across systems
- Proactively search for signs of compromise using hypothesis-based techniques
- Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
- Build and refine detection logic based on observed environment behavior
- Create custom log correlation rules and detection use cases
- Review server, database, and application configurations for security misconfigurations
- Assist with internal or third-party penetration testing exercises
- Validate reported vulnerabilities and test exploitability in controlled environments
- Help develop realistic tabletop scenarios and user training content
Required Skills and Qualifications
- Proficiency in forensic tools and techniques
- Generalist understanding of server infrastructure, system privileges, and core security concepts
- Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
- Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
- Experience with CVE tracking, vulnerability scanners, and mitigation workflows
- Familiarity with standards such as ISO 27001 and common infosec frameworks
- Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
- Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders
Preferred Skills and Qualifications
- Hands-on incident response or blue team roles
- Exposure to SIEM platforms
- Understanding of chain-of-custody and legal considerations in evidence handling
- Experience in environments with regulatory requirements
- Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
- IDS/IPS knowledge
- Ability to track vulnerabilities through to remediation
- Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
- Ability to perform hypothesis-driven hunts and pivot off findings
- Knowledge of cloud platforms: AWS, Linode, Hetzner
- Understanding of the CIA triad (Confidentiality, Integrity, Availability)
This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.
We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.
This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.
Working with us
Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.
About us
Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.
You can read more about Netstock’s history and our product offering at Netstock
#J-18808-LjbffrPhysical Security Analyst
Posted 4 days ago
Job Viewed
Job Description
Join to apply for the Physical Security Analyst role at Teraco – A Digital Realty Company
Join to apply for the Physical Security Analyst role at Teraco – A Digital Realty Company
Teraco Data Environments
2025/07/24 Gauteng
Job Reference Number: PSA_JB3
Department: Security
Business Unit
Industry: Information Technology
Job Type: Permanent
Positions Available: 1
Salary: Market Related
This role is an administrative role. The Physical Security Analyst will be responsible for performing the day-to-day operations, management and administration of the physical security access control and CCTV system, keeping track of physical assets and client reporting.
Job Description
PURPOSE OF THE ROLE
This role is an administrative role. The Physical Security Analyst will be responsible for performing the day-to-day operations, management and administration of the physical security access control and CCTV system, keeping track of physical assets and client reporting. The role is responsible for tracking and ensuring closure of security vulnerabilities, management and closure of tickets within SLA, and updating policies and procedures to improve security posture.
Main Functions Of The Job
- Action physical access request tickets to the Access Control System in line with Teraco policies. This requires a high degree of attention to detail, and compliance to policies.
- Track and allocate tickets to team members for action. Ensure tickets are addressed within required timelines.
- Analyze logs and data sets from various sources to formulate reporting for internal usage e.g. data integrity assessments etc.
- Analyze logs and data sets from various sources to formulate reporting for Teraco clients.
- Track percentage of data integrity issues successfully verified & closed within the specified timeframe.
- Ensure scheduled checks, calibrations, and inspections (CCTV, access control, metal detectors, perimeter fences) are completed on time.
- Logging and updating calls via the ticketing system.
- Driving closure and tracking progress to ensure timely remediation for incident Management specific to security systems.
- Client specific monthly reporting.
- ISO 27001, PCI, ISAE 3402 Type II compliance, monitoring and reporting, as it relates to supported systems.
- The use of vulnerability management for IoT and OT devices using third-party tools, including identification, assessment, and remediation tracking by logging of tickets for action by team members and ensuring tasks are closed timeously.
- System Uptime: Validation of percentage of time that all security systems (CCTV, access control, metal detectors) are operational and functional by leveraging data sets provided from various sources.
- Escalate and track calls that require the attention of the IT team by utilizing the correct escalations channels
- Document security administration procedures, implement the procedures as agreed and ensure evidence in respect of procedures is retained as per documented.
- Liaising with vendors for replacement stock or spares for maintenance & maintain critical stock levels.
- Adherence to standard operating procedures and to IT security governance and policies.
- Take initiative in consultation with Security Systems Manager to improve IT security and better fulfil the needs of the user-base.
- Validation of handover documentation for the testing of new installations for both standard and non-standard projects.
- Ad-hoc duties.
- Review & validation of new/old, mapped camera’s according to security risk reviews.
Skills Requirement
- Excellent written and verbal communication skills.
- Active listening – ability to understand requirements
- Ability to communicate in English
- Diligent: Even when it becomes a hassle must be willing to see an issue through to resolution.
- Good prioritization and organization skills.
- Attention to detail and accuracy
- Proactive problem solver
- Ability to work independently & a positive team player
- Self-motivated
- Conducts self professionally, exhibits high levels of tolerance and patience
- Responsible for continued learning and self-development
- All activities performed on time
- Ability to write reports, business correspondence, and procedures
- Matric
- Experience in Vendor Management and related SLA’s
- Previous experience in supporting a VMS system or IP camera network (Advantageous)
- Driver’s license and own car essential
- IT Diploma/Certificate or equivalent NQF Level 6
- 4 years’ experience in process or document administration in a technical environment
- A+
- N+
- Microsoft Excel
- Seniority level Mid-Senior level
- Employment type Full-time
- Job function Finance and Sales
- Industries Facilities Services
Referrals increase your chances of interviewing at Teraco – A Digital Realty Company by 2x
Get notified about new Investment Analyst jobs in Gauteng, South Africa .
Johannesburg Metropolitan Area 1 week ago
Johannesburg, Gauteng, South Africa 5 days ago
Johannesburg, Gauteng, South Africa 6 days ago
Johannesburg, Gauteng, South Africa 6 days ago
Talent Pool: Investment Consultant (Johannesburg) MMH Talent Pool: Investment Consultant (Johannesburg)Pretoria, Gauteng, South Africa 1 day ago
Johannesburg, Gauteng, South Africa 1 week ago
Pretoria, Gauteng, South Africa 2 weeks ago
Centurion, Gauteng, South Africa 3 months ago
Talent Pool: Investment Regional Manager - Countrywide MMHCenturion, Gauteng, South Africa 4 months ago
Johannesburg, Gauteng, South Africa 1 day ago
Talent Pool: Investment Regional Manager - Countrywide MMHCenturion, Gauteng, South Africa 2 days ago
Pretoria, Gauteng, South Africa 2 weeks ago
Johannesburg, Gauteng, South Africa 1 month ago
Senior Lecturer (College of Business & Economics: Department of Finance & Investment Management) Intermediate Business Analyst – Become Senior Business Analyst working for SA’s leading wealth manager – Johannesburg – R650K PACity of Johannesburg, Gauteng, South Africa 15 hours ago
Springs, Gauteng, South Africa 4 days ago
Senior Business Analyst | Waterfall, Gauteng | PermanentJohannesburg, Gauteng, South Africa 5 days ago
Centurion, Gauteng, South Africa 20 hours ago
Johannesburg, Gauteng, South Africa ZAR60,000.00-ZAR72,000.00 1 month ago
Centurion, Gauteng, South Africa 20 hours ago
Johannesburg, Gauteng, South Africa 5 days ago
SPECIALIST ANALYST INVESTMENT PROVIDERS DEPARTMENTSandton, Gauteng, South Africa 1 month ago
Johannesburg, Gauteng, South Africa 2 months ago
Johannesburg, Gauteng, South Africa 1 week ago
Johannesburg, Gauteng, South Africa 4 days ago
Business Analyst – Design investment management platform features for SA’s leading wealth manager – Johannesburg – R810K PAJohannesburg Metropolitan Area 15 hours ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrCyber Security Analyst
Posted 5 days ago
Job Viewed
Job Description
InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.
Key Responsibilities:- Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
- Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
- Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
- Perform vulnerability assessments and penetration testing to identify security weaknesses.
- Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
- Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
- Work with IT and development teams to ensure secure configurations and practices across all systems.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 2+ years of experience in cybersecurity, information security, or a related role.
- Strong understanding of security principles, concepts, and technologies.
- Experience with security monitoring tools, SIEM platforms, and incident response procedures.
- Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
- Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
- Strong analytical and problem-solving skills, with attention to detail.
- Excellent communication skills to effectively collaborate with cross-functional teams.
- CERT, CISSP, CISM, or equivalent security certifications are a plus.