318 Security Analyst jobs in South Africa

Company Description

INTERCERT is a multinational company headquartered in Texas, USA, operating in over 28 countries. Founded in 2009, INTERCERT is dedicated to building a secure and sustainable world through customer-centric services. We are accredited by leading organizations, including America's accreditation board under IAF for ISO Certification Services, Cloud Security Alliance for CSA STAR Certification services, AICPA CPA Firm for SOC1 & SOC2 Audit Attestation and CREST accreditation for PEN Testing Services. Our services also encompass CMMC, PCI DSS Certification, and Data Protection compliance for standards such as GDPR, HIPAA, and Cybersecurity frameworks. With a team of over 150 experienced assessors, we deliver global assessment services with a focus on compliance and excellence.

Role Description

This is a full-time, on-site role for an Information Security Analyst / Interns at INTERCERT INC., located in South Africa. The Information Security Analyst / Intern will be responsible for day-to-day tasks such as assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Qualifications

Bachelor's Degree or equivalent focused on Information
Security/Cybersecurity

Experience Level

0-6 months

Roles and Responsibilities

Assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Help assess the design and effectiveness of internal controls, including business and IT controls.

Prepare reports and documentation for external audits and communicate audit findings and recommendations.

Stay updated on evolving regulatory changes, industry standards, and best practices related to GRC, risk management, and auditing.

Overview

Nedbank, Johannesburg, Gauteng, South Africa

Position: Information Security Analyst II

Requisition Details & Talent Acquisition Specialist

REQ - Thembile Ndlovu

Closing Date: 03 September 2025

Available Roles: 2

Career Stream: IT Risk

Leadership Pipeline: Manage Self: Technical

To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks. Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures. To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.

• Capture timesheets timeously and accurately
• Capture claims timeously and accurately
• Propose solutions that must be cost effective whilst meeting information security requirements within budget.
• Participate in negotiations on fair pricing from vendors for new technologies procured.
• Manage and/or resolve low, medium and high incidents and engage with Specialists to resolve the high complexity incidents.
• Build relationships with stakeholders to facilitate the flow of knowledge, input and discussion on new products and solutions as required by stakeholders.
• Facilitate and manage the incident and problem management process when stakeholder environments are affected.
• Oversee the implementation of the information security changes and check for the shortcomings and risks.
• Interpret MIS and system logs/reports with the view to analyse and correct any deviations against standards and best practices.
• Participate in the implementation of new products as provided in the selection criteria.
• Act as the 1st point of problem resolution for non-routine incidents and 1st line support for problems.
• Ensure compliance to standards and practices by familiarizing and keeping abreast of information security policies, rules, standards and processes, procedures and practices as well as business rules.
• Document and maintain all relevant processes and procedures mindful of current policies and standards.
• Create and maintain information security standards.
• Oversee and monitor the information security environment according to set standards.
• Review and contribute to project documentation including business requirements, designs and implementation.
• Create design documentation according to relevant standards and practices
• Implement specific information security technologies.
• Gain further exposure and experience on multiple technologies by job shadowing Information Security Analysts III and Technical Specialist.
• Log, submit and implement low, medium and high risk changes independently.
• Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
• Oversee and ensure change was successful in certain cases and when required perform unit testing.
• Oversee and ensure back-ups are done, documents are stored and statuses updated.
• Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
• Monitor and action Service Manager low, medium and high impact incidents and emails related to Information Security.
• Ensure job related tasks and processes are in place.
• Ensure that the logging and submitting of all relevant incidents have taken place and resolve low, medium and high incidents.
• Conduct risk and root cause analyses around exceptions, queries, incidents as per operational procedures with the relevant internal and external stakeholders and provide feedback, confirm stakeholder satisfaction.
• Keep abreast of legislation and other industry changes that impacts on role by reading the relevant newsletters, websites and attending sessions.
• Improve personal capability and stay abreast of developments in field of expertise by identifying training courses and career progression opportunities for self through input and feedback from managers.
• Ensure information is provided correctly to stakeholders by maintaining knowledge sharing with team.
• Transfer of knowledge to team members.
• Identify and recommend opportunities to enhance processes, systems and policies and support implementation of new processes, policies and systems.

• Initial focus will be to implement Identity and Access Management (IAM), encryption, and network security in both Azure and AWS.
• Support and maintain both Azure and AWS across Infrastructure as Code, containers and applications pipelines.
• Very strong networking skills.
• Experience with multiple security technologies.
• Building relationships with I&O Teams.

• Matric / Grade 12 / National Senior Certificate
• Advanced Diplomas/National 1st Degrees

• Degree or certification in computer science or similar field
• Microsoft and AWS certifications: SC-200, SC-300, SC-400, Azure Security Engineer Associate, Azure Solutions Architect Expert, Cybersecurity Architect, and AWS certifications listed below

• AWS Certified Solutions Architect – Associate
• AWS Certified SysOps Administrator – Associate
• AWS Certified Solutions Architect – Professional
• AWS Certified DevOps Engineer – Professional
• Strong knowledge on Linux Operating System
• Strong knowledge on Linux Networks
• Strong knowledge in Linux virtualization
• Knowledge of scripting languages: Python, PowerShell, Bash, JavaScript/TypeScript, Terraform, YAML and JSON

• SABSA – Sherwood Applied Business Security Architecture would be preferable
• Good knowledge to ensure compliance with ISO 27001, GDPR, NIST and CSA guidelines

• At least 8 years in an IT environment of which at least 5 years in information security
• Cloud platform knowledge – AWS and Azure
• Networking knowledge – WAN, LAN and routing
• Low-level design documentation skills
• Knowledge of CSA, NIST and ISO frameworks
• Experience delivering high-quality design for cloud environments including Kubernetes and cloud PaaS services
• Experience working with large cross-functional teams
• Experience working in high pressure demanding environments

• Administrative procedures and systems
• Data analysis
• Governance, Risk and Controls
• Principles of project management
• Relevant regulatory knowledge
• Relevant software and systems knowledge
• Cluster Specific Operational Knowledge
• System Development Life Cycle (SDLC)
• TCP/IP
• Information Security terms and definitions
• Relevant Operating System
• Information Security policies and procedures
• Vendor Management Principles

• Applied Learning
• Communication
• Collaborating
• Customer Focus
• Initiating Action
• Managing Work
• Technical/Professional Knowledge and Skills

Contact: Nedbank Recruiting Team at

• Associate

• Full-time

• Information Technology

Referrals increase your chances of interviewing at Nedbank by 2x

Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only

As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.

You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.

From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!

Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.

Responsibilities

• Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
• Access, read, and interpret server logs, audit trails, and system data to support investigations
• Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
• Support segregation of duties analysis and remediation
• Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
• Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
• Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
• Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
• Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
• Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
• Vulnerability Management - Track patching and configuration compliance across systems
• Proactively search for signs of compromise using hypothesis-based techniques
• Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
• Build and refine detection logic based on observed environment behavior
• Create custom log correlation rules and detection use cases
• Review server, database, and application configurations for security misconfigurations
• Assist with internal or third-party penetration testing exercises
• Validate reported vulnerabilities and test exploitability in controlled environments
• Help develop realistic tabletop scenarios and user training content

Required Skills and Qualifications

• Proficiency in forensic tools and techniques
• Generalist understanding of server infrastructure, system privileges, and core security concepts
• Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
• Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
• Experience with CVE tracking, vulnerability scanners, and mitigation workflows
• Familiarity with standards such as ISO 27001 and common infosec frameworks
• Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
• Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders

Preferred Skills and Qualifications

• Hands-on incident response or blue team roles
• Exposure to SIEM platforms
• Understanding of chain-of-custody and legal considerations in evidence handling
• Experience in environments with regulatory requirements
• Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
• IDS/IPS knowledge
• Ability to track vulnerabilities through to remediation
• Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
• Ability to perform hypothesis-driven hunts and pivot off findings
• Knowledge of cloud platforms: AWS, Linode, Hetzner
• Understanding of the CIA triad (Confidentiality, Integrity, Availability)

This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Working with us

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

About us

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

Join to apply for the Physical Security Analyst role at Teraco – A Digital Realty Company

Join to apply for the Physical Security Analyst role at Teraco – A Digital Realty Company

Teraco Data Environments

2025/07/24 Gauteng

Job Reference Number: PSA_JB3

Department: Security

Business Unit

Industry: Information Technology

Job Type: Permanent

Positions Available: 1

Salary: Market Related

This role is an administrative role. The Physical Security Analyst will be responsible for performing the day-to-day operations, management and administration of the physical security access control and CCTV system, keeping track of physical assets and client reporting.

Job Description

PURPOSE OF THE ROLE

This role is an administrative role. The Physical Security Analyst will be responsible for performing the day-to-day operations, management and administration of the physical security access control and CCTV system, keeping track of physical assets and client reporting. The role is responsible for tracking and ensuring closure of security vulnerabilities, management and closure of tickets within SLA, and updating policies and procedures to improve security posture.

Main Functions Of The Job

• Action physical access request tickets to the Access Control System in line with Teraco policies. This requires a high degree of attention to detail, and compliance to policies.
• Track and allocate tickets to team members for action. Ensure tickets are addressed within required timelines.
• Analyze logs and data sets from various sources to formulate reporting for internal usage e.g. data integrity assessments etc.
• Analyze logs and data sets from various sources to formulate reporting for Teraco clients.
• Track percentage of data integrity issues successfully verified & closed within the specified timeframe.
• Ensure scheduled checks, calibrations, and inspections (CCTV, access control, metal detectors, perimeter fences) are completed on time.
• Logging and updating calls via the ticketing system.
• Driving closure and tracking progress to ensure timely remediation for incident Management specific to security systems.
• Client specific monthly reporting.
• ISO 27001, PCI, ISAE 3402 Type II compliance, monitoring and reporting, as it relates to supported systems.
• The use of vulnerability management for IoT and OT devices using third-party tools, including identification, assessment, and remediation tracking by logging of tickets for action by team members and ensuring tasks are closed timeously.
• System Uptime: Validation of percentage of time that all security systems (CCTV, access control, metal detectors) are operational and functional by leveraging data sets provided from various sources.
• Escalate and track calls that require the attention of the IT team by utilizing the correct escalations channels
• Document security administration procedures, implement the procedures as agreed and ensure evidence in respect of procedures is retained as per documented.
• Liaising with vendors for replacement stock or spares for maintenance & maintain critical stock levels.
• Adherence to standard operating procedures and to IT security governance and policies.
• Take initiative in consultation with Security Systems Manager to improve IT security and better fulfil the needs of the user-base.
• Validation of handover documentation for the testing of new installations for both standard and non-standard projects.
• Ad-hoc duties.
• Review & validation of new/old, mapped camera’s according to security risk reviews.
  
  

• Excellent written and verbal communication skills.
• Active listening – ability to understand requirements
• Ability to communicate in English
• Diligent: Even when it becomes a hassle must be willing to see an issue through to resolution.
• Good prioritization and organization skills.
• Attention to detail and accuracy
• Proactive problem solver
• Ability to work independently & a positive team player
• Self-motivated
• Conducts self professionally, exhibits high levels of tolerance and patience
• Responsible for continued learning and self-development
• All activities performed on time
• Ability to write reports, business correspondence, and procedures
  
  

• Matric
• Experience in Vendor Management and related SLA’s
• Previous experience in supporting a VMS system or IP camera network (Advantageous)
• Driver’s license and own car essential
• IT Diploma/Certificate or equivalent NQF Level 6
• 4 years’ experience in process or document administration in a technical environment
• A+
• N+
• Microsoft Excel

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Finance and Sales
• Industries Facilities Services

Referrals increase your chances of interviewing at Teraco – A Digital Realty Company by 2x

Get notified about new Investment Analyst jobs in Gauteng, South Africa .

Johannesburg Metropolitan Area 1 week ago

Johannesburg, Gauteng, South Africa 5 days ago

Johannesburg, Gauteng, South Africa 6 days ago

Johannesburg, Gauteng, South Africa 6 days ago

Pretoria, Gauteng, South Africa 1 day ago

Johannesburg, Gauteng, South Africa 1 week ago

Pretoria, Gauteng, South Africa 2 weeks ago

Centurion, Gauteng, South Africa 3 months ago

Centurion, Gauteng, South Africa 4 months ago

Johannesburg, Gauteng, South Africa 1 day ago

Centurion, Gauteng, South Africa 2 days ago

Pretoria, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 month ago

City of Johannesburg, Gauteng, South Africa 15 hours ago

Springs, Gauteng, South Africa 4 days ago

Johannesburg, Gauteng, South Africa 5 days ago

Centurion, Gauteng, South Africa 20 hours ago

Johannesburg, Gauteng, South Africa ZAR60,000.00-ZAR72,000.00 1 month ago

Centurion, Gauteng, South Africa 20 hours ago

Johannesburg, Gauteng, South Africa 5 days ago

Sandton, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 2 months ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 4 days ago

Johannesburg Metropolitan Area 15 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.

• Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
• Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
• Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
• Perform vulnerability assessments and penetration testing to identify security weaknesses.
• Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
• Work with IT and development teams to ensure secure configurations and practices across all systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2+ years of experience in cybersecurity, information security, or a related role.
• Strong understanding of security principles, concepts, and technologies.
• Experience with security monitoring tools, SIEM platforms, and incident response procedures.
• Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
• Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
• Strong analytical and problem-solving skills, with attention to detail.
• Excellent communication skills to effectively collaborate with cross-functional teams.
• CERT, CISSP, CISM, or equivalent security certifications are a plus.

Cloud Security Analyst Key Responsibilities

• Implement, manage, and monitor cloud security controls (IAM, RBAC, MFA, encryption, auditing).
• Design and enforce Identity & Access Management (IAM) and Role-Based Access Controls (RBAC) across cloud infrastructure.
• Configure and maintain encryption standards (TLS, AES-256) for data in transit and at rest.
• Conduct regular audits, penetration tests, and monitoring to identify vulnerabilities.
• Ensure compliance with security frameworks and standards (ISO 27001, NIST, SOC2, GDPR, POPIA).
• Implement cloud monitoring tools for threat detection and incident response.
• Collaborate with DevOps/Cloud Engineers to embed security into CI/CD pipelines (shift-left security).
• Prepare and deliver security assessment reports for leadership and compliance teams.
• Stay updated on evolving cloud security risks, tools, and industry trends.

• Minimum 5 years experience in Cloud Security, Information Security, or Cybersecurity.
• Strong knowledge of cloud security best practices (AWS, Azure, or GCP preferred).
• Expertise in IAM, RBAC, and MFA solutions.
• Hands-on experience with encryption protocols (TLS, AES-256).
• Solid understanding of audit processes and compliance frameworks .
• Proficiency with monitoring and security tools (SIEM, CloudTrail, Azure Sentinel, Splunk, etc.).
• Knowledge of container security and serverless environment security.
• Relevant certifications advantageous (CCSP, CISSP, CISM, Microsoft/Azure Security, AWS Security).

Overview

Current job opportunities are posted here as they become available.

Subscribe to our RSS feeds to receive instant updates as new positions become available.

Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only

As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.

You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.

From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!

Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.

• Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
• Access, read, and interpret server logs, audit trails, and system data to support investigations
• Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
• Support segregation of duties analysis and remediation
• Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
• Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
• Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
• Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
• Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
• Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
• Vulnerability Management - Track patching and configuration compliance across systems
• Proactively search for signs of compromise using hypothesis-based techniques
• Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
• Build and refine detection logic based on observed environment behavior
• Create custom log correlation rules and detection use cases
• Review server, database, and application configurations for security misconfigurations
• Assist with internal or third-party penetration testing exercises
• Validate reported vulnerabilities and test exploitability in controlled environments
• Help develop realistic tabletop scenarios and user training content

• Proficiency in forensic tools and techniques
• Generalist understanding of server infrastructure, system privileges, and core security concepts
• Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
• Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
• Experience with CVE tracking, vulnerability scanners, and mitigation workflows
• Familiarity with standards such as ISO 27001 and common infosec frameworks
• Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
• Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders

• Hands-on incident response or blue team roles
• Exposure to SIEM platforms
• Understanding of chain-of-custody and legal considerations in evidence handling
• Experience in environments with regulatory requirements
• Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
• IDS/IPS knowledge
• Ability to track vulnerabilities through to remediation
• Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
• Ability to perform hypothesis-driven hunts and pivot off findings
• Knowledge of cloud platforms: AWS, Linode, Hetzner
• Understanding of the CIA triad (Confidentiality, Integrity, Availability)

This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

Overview

Current job opportunities are posted here as they become available.

Subscribe to our RSS feeds to receive instant updates as new positions become available.

Job Title: Technical Security Analyst
Reports To: Associate Director, Security
Employment Type: Full-Time, Permanent, remote position in South Africa only

As a Technical Security Analyst at Netstock, you will be at the frontline of defending our digital environment by identifying, analyzing, and responding to cyber threats with precision and context. You’ll leverage your expertise in forensic analysis, vulnerability assessment, and threat intelligence to investigate incidents, interpret complex server logs, and assess the true business impact of vulnerabilities. This role is ideal for a technically skilled professional who understands risk and thrives in high stakes scenarios.

You’ll work closely with cross-functional teams, including engineering, compliance, and IT to ensure that security incidents are swiftly contained, vulnerabilities are correctly prioritized, and risks are well-communicated. Your ability to see the bigger picture while navigating the technical details will directly strengthen our security posture.

From interpreting CVEs to leading incident reviews, your input will shape how we protect our infrastructure and our customers. If you’re passionate about forensics, threat response, and building resilient systems in a modern, cloud-based environment, we’d love to hear from you!

Responsible for conducting forensic evidence gathering during security incidents, interpreting system and application logs, and identifying indicators of compromise. This role requires a strong foundation in cybersecurity principles, familiarity with server environments, and hands-on experience with vulnerability and threat analysis.

• Collect and preserve forensic evidence from servers, endpoints, and cloud environments in a forensically sound manner
• Access, read, and interpret server logs, audit trails, and system data to support investigations
• Analyze logs for suspicious activity, privilege escalations, lateral movement, and known attack signatures
• Support segregation of duties analysis and remediation
• Analyze the technical and business impact of identified vulnerabilities or attack vectors using threat intelligence and risk management principles
• Evaluate the likelihood and potential consequence of exploitation, and provide context-based risk ratings and mitigation recommendations
• Collaborate with DevOps, Dev, IT and Security teams during incident response, ensuring proper containment and root cause analysis
• Maintain awareness of emerging vulnerabilities, actively working with CVEs and threat intelligence to assess risk
• Provide post-incident reporting with detailed timelines, evidence, and mitigation recommendations
• Ensure forensic/investigation activities align with legal, regulatory, and organizational standards (e.g., ISO 27001, NIST, GDPR)
• Vulnerability Management - Track patching and configuration compliance across systems
• Proactively search for signs of compromise using hypothesis-based techniques
• Use threat intelligence feeds and TTPs (Tactics, Techniques, and Procedures) to identify abnormal patterns
• Build and refine detection logic based on observed environment behavior
• Create custom log correlation rules and detection use cases
• Review server, database, and application configurations for security misconfigurations
• Assist with internal or third-party penetration testing exercises
• Validate reported vulnerabilities and test exploitability in controlled environments
• Help develop realistic tabletop scenarios and user training content

• Proficiency in forensic tools and techniques
• Generalist understanding of server infrastructure, system privileges, and core security concepts
• Ability to parse and correlate various log formats (syslog, Windows Event Logs, cloud audit logs, etc.)
• Proficient in reviewing and interpreting log data across different platforms (Windows, Linux, cloud, network appliances)
• Experience with CVE tracking, vulnerability scanners, and mitigation workflows
• Familiarity with standards such as ISO 27001 and common infosec frameworks
• Solid grasp of risk management principles (likelihood vs. impact, asset value, threat actor profiling, etc.)
• Experience assessing the business relevance of technical vulnerabilities and translating findings for stakeholders

• Hands-on incident response or blue team roles
• Exposure to SIEM platforms
• Understanding of chain-of-custody and legal considerations in evidence handling
• Experience in environments with regulatory requirements
• Familiarity with common services: SSH, DNS, HTTP(S), SMB, RDP
• IDS/IPS knowledge
• Ability to track vulnerabilities through to remediation
• Exposure to ISO 27001, NIST CSF, CIS Controls, MITRE ATT&CK
• Ability to perform hypothesis-driven hunts and pivot off findings
• Knowledge of cloud platforms: AWS, Linode, Hetzner
• Understanding of the CIA triad (Confidentiality, Integrity, Availability)

This position is subject to pre-employment screening, however candidates will not be unfairly discriminated against.

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock