318 Security Analyst jobs in South Africa

Information Security Analyst

Centurion, Gauteng R900000 - R1200000 Y Group Digital and Technology Office

Posted today

Job Viewed

Tap Again To Close

Job Description

Introduction

Through our client-facing brands Metropolitan and Momentum, with Multiply (wellness and rewards program), and our other specialist brands, including Guardrisk and Eris Property Group, the group enables business and people from all walks of life to achieve their financial goals and life aspirations.We help people grow their savings, protect what matters to them and invest for the future. We help companies and organization's care for and reward their employees and members. Through our own network of advisers or via independent brokers and utilising new platforms Momentum Metropolitan provides practical financial solutions for people, communities, and businesses. Visit us at

Disclaimer

As an applicant, please verify the legitimacy of this job advert on our company career page.

Role Purpose

This position is responsible for performing various tasks. This role is also required to conduct ongoing research in the IT security arena and regularly assist in the sales process.The ideal candidate will be responsible for conducting comprehensive penetration tests, identifying vulnerabilities, and providing recommendations to improve security posture. The ideal candidate must have experience in all forms of complex technical security assessments of clients' information technology systems (including the Internet, Intranet, applications, hosts, firewalls, mobile applications, etc.) and related policies and procedures. They must be highly motivated and have a good command of industry best practices.

Requirements

  • 5+ years of experience in penetration testing, vulnerability assessment, or a related field.

  • Deep knowledge of security testing methodologies and frameworks (OWASP, NIST, etc.).

  • Proficiency with advanced penetration testing tools such as Metasploit, Burp Suite, Nessus, Nmap, etc.

  • Strong scripting skills (Python, Bash, PowerShell, etc.) for automating security tasks.

  • In-depth understanding of network protocols, operating systems, web technologies, and cloud environments.

  • CISSP and CEH certification preferred.

  • OSCP, OSEP, CCSP, CRTE, CRTP, or CRTO certification or equivalent is an advantage.

Duties & Responsibilities

  • Lead and conduct comprehensive penetration tests on networks, applications, and systems to identify security weaknesses.

  • Develop and implement advanced security test plans, scenarios, and scripts.

  • Perform in-depth vulnerability assessments and security analysis using both automated tools and manual techniques.

  • Document and report security findings, providing actionable insights to clients and detailed recommendations for remediation.

  • Collaborate with cross-functional teams to prioritize and resolve security vulnerabilities.

  • Research and stay current with emerging security threats, vulnerabilities, and technology trends.

  • Participate in security incident response activities when required.

  • Assist in the development and refinement of security policies, procedures, and standards.

  • Provide training, guidance, and mentorship to junior penetration testers and other security staff.

  • Perform security assessments, including application scans (using tools such as Nessus, Burp Suite) and code reviews, to ensure compliance with Momentum Group's SDLC policies.

  • Participate in a variety of other internal security projects and information security activities as required.

Competencies

  • Strong knowledge of OWASP Top 10 vulnerabilities and how to exploit/mitigate them.

  • Excellent technical writing skills for creating detailed assessment reports.

  • Self-driven, motivated, independent yet communicative and collaborative.

  • Ability to work unsupervised in a remote capacity and deliver results.

  • Good organizational skills and time management; ability to resolve conflicts, prioritize tasks, and follow quality benchmarks.

  • Strong verbal communication skills for presenting findings to technical and non-technical stakeholders.

  • Demonstrate a strong ability to engage with various stakeholders, have a team-based approach, and work towards shared goals and outcomes.

  • Ability to think outside the box and a passion to improve your skills and drive innovation.

This advertiser has chosen not to accept applicants from your region.

Information Security Analyst

R150000 - R250000 Y INTERCERT INC

Posted today

Job Viewed

Tap Again To Close

Job Description

Company Description

INTERCERT is a multinational company headquartered in Texas, USA, operating in over 28 countries. Founded in 2009, INTERCERT is dedicated to building a secure and sustainable world through customer-centric services. We are accredited by leading organizations, including America's accreditation board under IAF for ISO Certification Services, Cloud Security Alliance for CSA STAR Certification services, AICPA CPA Firm for SOC1 & SOC2 Audit Attestation and CREST accreditation for PEN Testing Services. Our services also encompass CMMC, PCI DSS Certification, and Data Protection compliance for standards such as GDPR, HIPAA, and Cybersecurity frameworks. With a team of over 150 experienced assessors, we deliver global assessment services with a focus on compliance and excellence.

Role Description

This is a full-time, on-site role for an Information Security Analyst / Interns at INTERCERT INC., located in South Africa. The Information Security Analyst / Intern will be responsible for day-to-day tasks such as assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Qualifications

Bachelor's Degree or equivalent focused on Information
Security/Cybersecurity

Experience Level

0-6 months

Roles and Responsibilities

Assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Help assess the design and effectiveness of internal controls, including business and IT controls.

Prepare reports and documentation for external audits and communicate audit findings and recommendations.

Stay updated on evolving regulatory changes, industry standards, and best practices related to GRC, risk management, and auditing.

This advertiser has chosen not to accept applicants from your region.

Information Security Analyst II

Johannesburg, Gauteng Nedbank

Posted 19 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

Nedbank, Johannesburg, Gauteng, South Africa

Position: Information Security Analyst II

Requisition Details & Talent Acquisition Specialist

REQ - Thembile Ndlovu

Closing Date: 03 September 2025

Available Roles: 2

Career Stream: IT Risk

Leadership Pipeline: Manage Self: Technical

Job Purpose

To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks. Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures. To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.

Job Responsibilities
  • Capture timesheets timeously and accurately
  • Capture claims timeously and accurately
  • Propose solutions that must be cost effective whilst meeting information security requirements within budget.
  • Participate in negotiations on fair pricing from vendors for new technologies procured.
  • Manage and/or resolve low, medium and high incidents and engage with Specialists to resolve the high complexity incidents.
  • Build relationships with stakeholders to facilitate the flow of knowledge, input and discussion on new products and solutions as required by stakeholders.
  • Facilitate and manage the incident and problem management process when stakeholder environments are affected.
  • Oversee the implementation of the information security changes and check for the shortcomings and risks.
  • Interpret MIS and system logs/reports with the view to analyse and correct any deviations against standards and best practices.
  • Participate in the implementation of new products as provided in the selection criteria.
  • Act as the 1st point of problem resolution for non-routine incidents and 1st line support for problems.
  • Ensure compliance to standards and practices by familiarizing and keeping abreast of information security policies, rules, standards and processes, procedures and practices as well as business rules.
  • Document and maintain all relevant processes and procedures mindful of current policies and standards.
  • Create and maintain information security standards.
  • Oversee and monitor the information security environment according to set standards.
  • Review and contribute to project documentation including business requirements, designs and implementation.
  • Create design documentation according to relevant standards and practices
  • Implement specific information security technologies.
  • Gain further exposure and experience on multiple technologies by job shadowing Information Security Analysts III and Technical Specialist.
  • Log, submit and implement low, medium and high risk changes independently.
  • Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
  • Oversee and ensure change was successful in certain cases and when required perform unit testing.
  • Oversee and ensure back-ups are done, documents are stored and statuses updated.
  • Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
  • Monitor and action Service Manager low, medium and high impact incidents and emails related to Information Security.
  • Ensure job related tasks and processes are in place.
  • Ensure that the logging and submitting of all relevant incidents have taken place and resolve low, medium and high incidents.
  • Conduct risk and root cause analyses around exceptions, queries, incidents as per operational procedures with the relevant internal and external stakeholders and provide feedback, confirm stakeholder satisfaction.
  • Keep abreast of legislation and other industry changes that impacts on role by reading the relevant newsletters, websites and attending sessions.
  • Improve personal capability and stay abreast of developments in field of expertise by identifying training courses and career progression opportunities for self through input and feedback from managers.
  • Ensure information is provided correctly to stakeholders by maintaining knowledge sharing with team.
  • Transfer of knowledge to team members.
  • Identify and recommend opportunities to enhance processes, systems and policies and support implementation of new processes, policies and systems.
Job Responsibilities Continue
  • Initial focus will be to implement Identity and Access Management (IAM), encryption, and network security in both Azure and AWS.
  • Support and maintain both Azure and AWS across Infrastructure as Code, containers and applications pipelines.
  • Very strong networking skills.
  • Experience with multiple security technologies.
  • Building relationships with I&O Teams.
Essential Qualifications - NQF Level
  • Matric / Grade 12 / National Senior Certificate
  • Advanced Diplomas/National 1st Degrees
Preferred Qualification
  • Degree or certification in computer science or similar field
  • Microsoft and AWS certifications: SC-200, SC-300, SC-400, Azure Security Engineer Associate, Azure Solutions Architect Expert, Cybersecurity Architect, and AWS certifications listed below
  • AWS Certified Solutions Architect – Associate
  • AWS Certified SysOps Administrator – Associate
  • AWS Certified Solutions Architect – Professional
  • AWS Certified DevOps Engineer – Professional
  • Strong knowledge on Linux Operating System
  • Strong knowledge on Linux Networks
  • Strong knowledge in Linux virtualization
  • Knowledge of scripting languages: Python, PowerShell, Bash, JavaScript/TypeScript, Terraform, YAML and JSON
  • SABSA – Sherwood Applied Business Security Architecture would be preferable
  • Good knowledge to ensure compliance with ISO 27001, GDPR, NIST and CSA guidelines
Minimum Experience Level
  • At least 8 years in an IT environment of which at least 5 years in information security
  • Cloud platform knowledge – AWS and Azure
  • Networking knowledge – WAN, LAN and routing
  • Low-level design documentation skills
  • Knowledge of CSA, NIST and ISO frameworks
  • Experience delivering high-quality design for cloud environments including Kubernetes and cloud PaaS services
  • Experience working with large cross-functional teams
  • Experience working in high pressure demanding environments
Technical / Professional Knowledge
  • Administrative procedures and systems
  • Data analysis
  • Governance, Risk and Controls
  • Principles of project management
  • Relevant regulatory knowledge
  • Relevant software and systems knowledge
  • Cluster Specific Operational Knowledge
  • System Development Life Cycle (SDLC)
  • TCP/IP
  • Information Security terms and definitions
  • Relevant Operating System
  • Information Security policies and procedures
  • Vendor Management Principles
Behavioural Competencies
  • Applied Learning
  • Communication
  • Collaborating
  • Customer Focus
  • Initiating Action
  • Managing Work
  • Technical/Professional Knowledge and Skills

Contact: Nedbank Recruiting Team at

Seniority level
  • Associate
Employment type
  • Full-time
Job function
  • Information Technology

Referrals increase your chances of interviewing at Nedbank by 2x

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Technical Security Analyst

Gauteng, Gauteng Crayon Technologies Ltd

Posted today

Job Viewed

Tap Again To Close

Job Description

How you'll role As a Technical Security Analyst, you will be on the frontline of our cyber defense strategy. Your mission is to safeguard our digital environment by identifying and responding effectively to threats. You'll work collaboratively with cross-functional teams, providing expertise in forensic analysis, vulnerability assessment, and threat intelligence. Your role is essential in interpreting complex server logs and evaluating the impact of vulnerabilities on the business. If you're passionate about cyber forensics and building resilient, secure systems, this is a perfect opportunity for you. What you'll do Collect and preserve forensic evidence from servers, endpoints, and cloud environments Access, read, and interpret server logs, audit trails, and system data Analyze logs for suspicious activity and known attack signatures Evaluate the likelihood and potential consequence of exploitation and provide mitigation recommendations Collaborate with DevOps, IT, and Security teams during incident response Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR) Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns What you'll need Proficiency in forensic tools and techniques Generalist understanding of server infrastructure and core security concepts Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.) Experience with CVE tracking, vulnerability scanners, and mitigation workflows Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.) Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders Preferred experience Hands-on incident response or blue team roles Exposure to SIEM platforms Understanding of chain-of-custody and legal considerations in evidence handling IDS/IPS knowledge Ability to track vulnerabilities through to remediation Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK Ability to perform hypothesis-driven hunts and pivot off findings Knowledge of cloud platforms: AWS, Linode, Hetzner Understanding of the CIA triad (Confidentiality, Integrity, Availability)
This advertiser has chosen not to accept applicants from your region.

Technical Security Analyst

NETSTOCK

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only

As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.

You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.

From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!

Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.

Responsibilities

  • Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
  • Access, read, and interpret server logs, audit trails, and system data to support investigations
  • Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
  • Support segregation of duties analysis and remediation
  • Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
  • Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
  • Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
  • Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
  • Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
  • Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
  • Vulnerability Management - Track patching and configuration compliance across systems
  • Proactively search for signs of compromise using hypothesis-based techniques
  • Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
  • Build and refine detection logic based on observed environment behavior
  • Create custom log correlation rules and detection use cases
  • Review server, database, and application configurations for security misconfigurations
  • Assist with internal or third-party penetration testing exercises
  • Validate reported vulnerabilities and test exploitability in controlled environments
  • Help develop realistic tabletop scenarios and user training content

Required Skills and Qualifications

  • Proficiency in forensic tools and techniques
  • Generalist understanding of server infrastructure, system privileges, and core security concepts
  • Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
  • Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
  • Experience with CVE tracking, vulnerability scanners, and mitigation workflows
  • Familiarity with standards such as ISO 27001 and common infosec frameworks
  • Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
  • Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders

Preferred Skills and Qualifications

  • Hands-on incident response or blue team roles
  • Exposure to SIEM platforms
  • Understanding of chain-of-custody and legal considerations in evidence handling
  • Experience in environments with regulatory requirements
  • Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
  • IDS/IPS knowledge
  • Ability to track vulnerabilities through to remediation
  • Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
  • Ability to perform hypothesis-driven hunts and pivot off findings
  • Knowledge of cloud platforms: AWS, Linode, Hetzner
  • Understanding of the CIA triad (Confidentiality, Integrity, Availability)

This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Working with us

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

About us

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Physical Security Analyst

Gauteng, Gauteng Teraco – A Digital Realty Company

Posted 4 days ago

Job Viewed

Tap Again To Close

Job Description

Join to apply for the Physical Security Analyst role at Teraco – A Digital Realty Company

Join to apply for the Physical Security Analyst role at Teraco – A Digital Realty Company

Teraco Data Environments

2025/07/24 Gauteng

Job Reference Number: PSA_JB3

Department: Security

Business Unit

Industry: Information Technology

Job Type: Permanent

Positions Available: 1

Salary: Market Related

This role is an administrative role. The Physical Security Analyst will be responsible for performing the day-to-day operations, management and administration of the physical security access control and CCTV system, keeping track of physical assets and client reporting.

Job Description

PURPOSE OF THE ROLE

This role is an administrative role. The Physical Security Analyst will be responsible for performing the day-to-day operations, management and administration of the physical security access control and CCTV system, keeping track of physical assets and client reporting. The role is responsible for tracking and ensuring closure of security vulnerabilities, management and closure of tickets within SLA, and updating policies and procedures to improve security posture.

Main Functions Of The Job

  • Action physical access request tickets to the Access Control System in line with Teraco policies. This requires a high degree of attention to detail, and compliance to policies.
  • Track and allocate tickets to team members for action. Ensure tickets are addressed within required timelines.
  • Analyze logs and data sets from various sources to formulate reporting for internal usage e.g. data integrity assessments etc.
  • Analyze logs and data sets from various sources to formulate reporting for Teraco clients.
  • Track percentage of data integrity issues successfully verified & closed within the specified timeframe.
  • Ensure scheduled checks, calibrations, and inspections (CCTV, access control, metal detectors, perimeter fences) are completed on time.
  • Logging and updating calls via the ticketing system.
  • Driving closure and tracking progress to ensure timely remediation for incident Management specific to security systems.
  • Client specific monthly reporting.
  • ISO 27001, PCI, ISAE 3402 Type II compliance, monitoring and reporting, as it relates to supported systems.
  • The use of vulnerability management for IoT and OT devices using third-party tools, including identification, assessment, and remediation tracking by logging of tickets for action by team members and ensuring tasks are closed timeously.
  • System Uptime: Validation of percentage of time that all security systems (CCTV, access control, metal detectors) are operational and functional by leveraging data sets provided from various sources.
  • Escalate and track calls that require the attention of the IT team by utilizing the correct escalations channels
  • Document security administration procedures, implement the procedures as agreed and ensure evidence in respect of procedures is retained as per documented.
  • Liaising with vendors for replacement stock or spares for maintenance & maintain critical stock levels.
  • Adherence to standard operating procedures and to IT security governance and policies.
  • Take initiative in consultation with Security Systems Manager to improve IT security and better fulfil the needs of the user-base.
  • Validation of handover documentation for the testing of new installations for both standard and non-standard projects.
  • Ad-hoc duties.
  • Review & validation of new/old, mapped camera’s according to security risk reviews.

Job Requirements

Skills Requirement

  • Excellent written and verbal communication skills.
  • Active listening – ability to understand requirements
  • Ability to communicate in English
  • Diligent: Even when it becomes a hassle must be willing to see an issue through to resolution.
  • Good prioritization and organization skills.
  • Attention to detail and accuracy
  • Proactive problem solver
  • Ability to work independently & a positive team player
  • Self-motivated
  • Conducts self professionally, exhibits high levels of tolerance and patience
  • Responsible for continued learning and self-development
  • All activities performed on time
  • Ability to write reports, business correspondence, and procedures

Qualifications And Experience

  • Matric
  • Experience in Vendor Management and related SLA’s
  • Previous experience in supporting a VMS system or IP camera network (Advantageous)
  • Driver’s license and own car essential
  • IT Diploma/Certificate or equivalent NQF Level 6
  • 4 years’ experience in process or document administration in a technical environment
  • A+
  • N+
  • Microsoft Excel

Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Finance and Sales
  • Industries Facilities Services

Referrals increase your chances of interviewing at Teraco – A Digital Realty Company by 2x

Get notified about new Investment Analyst jobs in Gauteng, South Africa .

Johannesburg Metropolitan Area 1 week ago

Johannesburg, Gauteng, South Africa 5 days ago

Johannesburg, Gauteng, South Africa 6 days ago

Johannesburg, Gauteng, South Africa 6 days ago

Talent Pool: Investment Consultant (Johannesburg) MMH Talent Pool: Investment Consultant (Johannesburg)

Pretoria, Gauteng, South Africa 1 day ago

Johannesburg, Gauteng, South Africa 1 week ago

Pretoria, Gauteng, South Africa 2 weeks ago

Centurion, Gauteng, South Africa 3 months ago

Talent Pool: Investment Regional Manager - Countrywide MMH

Centurion, Gauteng, South Africa 4 months ago

Johannesburg, Gauteng, South Africa 1 day ago

Talent Pool: Investment Regional Manager - Countrywide MMH

Centurion, Gauteng, South Africa 2 days ago

Pretoria, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 month ago

Senior Lecturer (College of Business & Economics: Department of Finance & Investment Management) Intermediate Business Analyst – Become Senior Business Analyst working for SA’s leading wealth manager – Johannesburg – R650K PA

City of Johannesburg, Gauteng, South Africa 15 hours ago

Springs, Gauteng, South Africa 4 days ago

Senior Business Analyst | Waterfall, Gauteng | Permanent

Johannesburg, Gauteng, South Africa 5 days ago

Centurion, Gauteng, South Africa 20 hours ago

Johannesburg, Gauteng, South Africa ZAR60,000.00-ZAR72,000.00 1 month ago

Centurion, Gauteng, South Africa 20 hours ago

Johannesburg, Gauteng, South Africa 5 days ago

SPECIALIST ANALYST INVESTMENT PROVIDERS DEPARTMENT

Sandton, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 2 months ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 4 days ago

Business Analyst – Design investment management platform features for SA’s leading wealth manager – Johannesburg – R810K PA

Johannesburg Metropolitan Area 15 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Cyber Security Analyst

Johannesburg, Gauteng InfyStrat

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.

Key Responsibilities:
  • Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
  • Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
  • Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
  • Perform vulnerability assessments and penetration testing to identify security weaknesses.
  • Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
  • Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
  • Work with IT and development teams to ensure secure configurations and practices across all systems.
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 2+ years of experience in cybersecurity, information security, or a related role.
  • Strong understanding of security principles, concepts, and technologies.
  • Experience with security monitoring tools, SIEM platforms, and incident response procedures.
  • Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
  • Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
  • Strong analytical and problem-solving skills, with attention to detail.
  • Excellent communication skills to effectively collaborate with cross-functional teams.
  • CERT, CISSP, CISM, or equivalent security certifications are a plus.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Security analyst Jobs in South Africa !

Cloud Security Analyst

Johannesburg, Gauteng Boardroom Appointments

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

Cloud Security Analyst Key Responsibilities

  • Implement, manage, and monitor cloud security controls (IAM, RBAC, MFA, encryption, auditing).
  • Design and enforce Identity & Access Management (IAM) and Role-Based Access Controls (RBAC) across cloud infrastructure.
  • Configure and maintain encryption standards (TLS, AES-256) for data in transit and at rest.
  • Conduct regular audits, penetration tests, and monitoring to identify vulnerabilities.
  • Ensure compliance with security frameworks and standards (ISO 27001, NIST, SOC2, GDPR, POPIA).
  • Implement cloud monitoring tools for threat detection and incident response.
  • Collaborate with DevOps/Cloud Engineers to embed security into CI/CD pipelines (shift-left security).
  • Prepare and deliver security assessment reports for leadership and compliance teams.
  • Stay updated on evolving cloud security risks, tools, and industry trends.
Core Requirements
  • Minimum 5 years experience in Cloud Security, Information Security, or Cybersecurity.
  • Strong knowledge of cloud security best practices (AWS, Azure, or GCP preferred).
  • Expertise in IAM, RBAC, and MFA solutions.
  • Hands-on experience with encryption protocols (TLS, AES-256).
  • Solid understanding of audit processes and compliance frameworks .
  • Proficiency with monitoring and security tools (SIEM, CloudTrail, Azure Sentinel, Splunk, etc.).
  • Knowledge of container security and serverless environment security.
  • Relevant certifications advantageous (CCSP, CISSP, CISM, Microsoft/Azure Security, AWS Security).

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Technical Security Analyst

NETSTOCK

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Overview

Current job opportunities are posted here as they become available.

Subscribe to our RSS feeds to receive instant updates as new positions become available.

Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only

As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.

You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.

From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!

Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.

Responsibilities
  • Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
  • Access, read, and interpret server logs, audit trails, and system data to support investigations
  • Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
  • Support segregation of duties analysis and remediation
  • Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
  • Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
  • Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
  • Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
  • Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
  • Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
  • Vulnerability Management - Track patching and configuration compliance across systems
  • Proactively search for signs of compromise using hypothesis-based techniques
  • Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
  • Build and refine detection logic based on observed environment behavior
  • Create custom log correlation rules and detection use cases
  • Review server, database, and application configurations for security misconfigurations
  • Assist with internal or third-party penetration testing exercises
  • Validate reported vulnerabilities and test exploitability in controlled environments
  • Help develop realistic tabletop scenarios and user training content
Required Skills and Qualifications
  • Proficiency in forensic tools and techniques
  • Generalist understanding of server infrastructure, system privileges, and core security concepts
  • Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
  • Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
  • Experience with CVE tracking, vulnerability scanners, and mitigation workflows
  • Familiarity with standards such as ISO 27001 and common infosec frameworks
  • Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
  • Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders
Preferred Skills and Qualifications
  • Hands-on incident response or blue team roles
  • Exposure to SIEM platforms
  • Understanding of chain-of-custody and legal considerations in evidence handling
  • Experience in environments with regulatory requirements
  • Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
  • IDS/IPS knowledge
  • Ability to track vulnerabilities through to remediation
  • Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
  • Ability to perform hypothesis-driven hunts and pivot off findings
  • Knowledge of cloud platforms: AWS, Linode, Hetzner
  • Understanding of the CIA triad (Confidentiality, Integrity, Availability)

This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Working with us

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

About us

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Technical Security Analyst

Gauteng, Gauteng NETSTOCK

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Overview

Current job opportunities are posted here as they become available.

Subscribe to our RSS feeds to receive instant updates as new positions become available.

Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only

As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.

You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.

From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!

Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.

Responsibilities
  • Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
  • Access, read, and interpret server logs, audit trails, and system data to support investigations
  • Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
  • Support segregation of duties analysis and remediation
  • Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
  • Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
  • Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
  • Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
  • Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
  • Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
  • Vulnerability Management - Track patching and configuration compliance across systems
  • Proactively search for signs of compromise using hypothesis-based techniques
  • Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
  • Build and refine detection logic based on observed environment behavior
  • Create custom log correlation rules and detection use cases
  • Review server, database, and application configurations for security misconfigurations
  • Assist with internal or third-party penetration testing exercises
  • Validate reported vulnerabilities and test exploitability in controlled environments
  • Help develop realistic tabletop scenarios and user training content
Required Skills and Qualifications
  • Proficiency in forensic tools and techniques
  • Generalist understanding of server infrastructure, system privileges, and core security concepts
  • Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
  • Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
  • Experience with CVE tracking, vulnerability scanners, and mitigation workflows
  • Familiarity with standards such as ISO 27001 and common infosec frameworks
  • Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
  • Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders
Preferred Skills and Qualifications
  • Hands-on incident response or blue team roles
  • Exposure to SIEM platforms
  • Understanding of chain-of-custody and legal considerations in evidence handling
  • Experience in environments with regulatory requirements
  • Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
  • IDS/IPS knowledge
  • Ability to track vulnerabilities through to remediation
  • Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
  • Ability to perform hypothesis-driven hunts and pivot off findings
  • Knowledge of cloud platforms: AWS, Linode, Hetzner
  • Understanding of the CIA triad (Confidentiality, Integrity, Availability)

This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Working with us

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

About us

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Security Analyst Jobs