91 Security Analyst jobs in Johannesburg

InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.

• Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
• Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
• Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
• Perform vulnerability assessments and penetration testing to identify security weaknesses.
• Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
• Work with IT and development teams to ensure secure configurations and practices across all systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2+ years of experience in cybersecurity, information security, or a related role.
• Strong understanding of security principles, concepts, and technologies.
• Experience with security monitoring tools, SIEM platforms, and incident response procedures.
• Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
• Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
• Strong analytical and problem-solving skills, with attention to detail.
• Excellent communication skills to effectively collaborate with cross-functional teams.
• CERT, CISSP, CISM, or equivalent security certifications are a plus.

ENVIRONMENT

A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester /Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.

• Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
• Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
• Conduct network penetration tests
• Conduct application penetration tests (web and thick client)
• Conduct wireless and mobile security assessments
• Conduct social engineering assessments
• Conduct physical security assessments
• Effectively communicate successes and obstacles with fellow team members and line managers
• Interface with client contact(s) and staff in a constructive and professional manner
• Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
• Utilise common vulnerability assessment and penetration testing tools

• Working as part of a Red Team and assisting with the following duties (but not limited to):
• Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
• Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
• Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
• Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
• Escalate privileges and maintain persistence
• Exfiltrate and / or complete objectives

• Research new vulnerabilities with a focus on high-profile products
• Understand the terminology and tactics employed by threat actors Research new attack methods

• Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
• Previous Red Team experience required

ENVIRONMENT

A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester / Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.

• Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
• Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
• Conduct network penetration tests
• Conduct application penetration tests (web and thick client)
• Conduct wireless and mobile security assessments
• Conduct social engineering assessments
• Conduct physical security assessments
• Effectively communicate successes and obstacles with fellow team members and line managers
• Interface with client contact(s) and staff in a constructive and professional manner
• Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
• Utilise common vulnerability assessment and penetration testing tools

• Working as part of a Red Team and assisting with the following duties (but not limited to):
• Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
• Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
• Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
• Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
• Escalate privileges and maintain persistence
• Exfiltrate and / or complete objectives

• Research new vulnerabilities with a focus on high-profile products
• Understand the terminology and tactics employed by threat actors Research new attack methods

• Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
• Previous Red Team experience required

Our client is looking for a talented Security Analyst who is ready to take on a variety of security assessments and grow their career in a high-energy, cutting-edge environment.

Responsibilities:

Penetration Testing:

• Collaborate within a team of experts to conduct vulnerability assessments and penetration tests across a wide range of technologies.
• Assess network, application (web and thick client), mobile, wireless, social engineering, and physical security, using both automated and manual techniques.
• Engage with clients professionally to deliver insights and constructive feedback, ensuring their security needs are met.
• Dive deep into security topics like network, database, and application security, developing your expertise along the way.
• Leverage your skills with penetration testing tools to uncover vulnerabilities and improve security measures.

Red Teaming:

• Become part of an elite Red Team, focusing on reconnaissance using open-source intelligence (OSINT) to gather actionable data.
• Take the lead in compromising systems by identifying vulnerabilities in people, processes, and technology.
• Develop and deploy command-and-control servers and custom payloads, establishing persistence within target environments.
• Evolve your craft by creating new tools, techniques, and procedures to avoid detection by defenders.
• Work on escalation, maintaining long-term access to compromised networks, and exfiltrating critical data.

Research and Development:

• Stay ahead of the curve by researching and identifying new vulnerabilities, focusing on high-profile products and systems.
• Understand and analyze the latest tactics used by threat actors to craft innovative security strategies.
• Develop and refine attack methodologies that will be used to strengthen future defensive efforts.

Requirements:

Experience:

• 2-5 years' hands-on Penetration Testing, including a strong background in network, mobile, web, and wireless security assessments.
• Strong understanding of common vulnerability assessment and penetration testing tools.
• Ability to think critically and creatively to solve complex security challenges.
• Strong communication skills for both internal collaboration and client-facing interactions.
• Passion for continuous learning and staying updated on the latest in cybersecurity.

Experian Johannesburg, Gauteng, South Africa

Experian Johannesburg, Gauteng, South Africa

Get AI-powered advice on this job and more exclusive features.

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

Principal Responsibilities

• Collaborate with technical and business teams to address security flaws and implement remediation plans.

• Oversee application security tasks, ensuring alignment with audit requirements and internal policies.

• Support change and incident management processes, with a focus on high-priority incidents (P1 & P2).

• Provide guidance to development and support teams on security-related ticket requirements and process expectations, ensuring SLA compliance.

• Act as a liaison with internal stakeholders to ensure clear communication and quality engagements.

• Support governance and administrative functions, including audit preparation and policy development.

• Compile and deliver regular reports, including weekly, monthly, and OSM-specific security metrics.

Required Key Skills (Functional/Technical)

Application Security & Vulnerability Management

• Familiarity with Common Vulnerability Scoring System (CVSS)

• Experience with tools like OWASP ZAP, Veracode, Rapid7 (on-prem), and Wiz.IO (cloud vulnerability management and CSPM)

• Track and assist in the closure of identified vulnerabilities, working closely with IT and Development teams

• Review and maintain secure configurations for systems, applications, and network devices

Security Fundamentals

• Working knowledge of encryption, authentication, and secure data transmission

• Knowledge of network security principles and firewall configurations

• Familiarity with SSO and MFA using OKTA, and directory services such as MS Active Directory

• Experience with CyberArk PAM for privileged access management

Security Information and Event Management (SIEM)

• Use of Splunk SIEM for real-time threat detection and log analysis

• Review and optimise SIEM use cases to enhance threat detection and response capabilities

Monitoring & Endpoint Security

• Experience with Tanium and MS Defender for server and endpoint security management

• Familiarity with IBM Guardium for database activity monitoring

• Exposure to Cyera for data identification and classification

Cloud & Infrastructure Security

• Experience with Wiz.IO for cloud security posture management (CSPM) and IaC scanning

• Understanding of secrets management using AWS Secrets Manager, Azure Key Vault, or GCP Secrets Manager

• Familiarity with Thales and AWS KMS/HSM for key management

Other Tools & Platforms

• Knowledge of SailPoint for identity governance

• Experience with CyCognito for external attack surface management

• Familiarity with Imperva for WAF, DDoS, and botnet protection

• Exposure to ProofPoint and MS Office365 Message Security for email security

• Use of 1Password for credential management

• Awareness of Netwrix for password policy enforcement

• Degree or equivalent qualifications and experience in Computer Science, Information Technology, Data or a related field Technical & Security Experience
• Experience with automated and manual methods for evaluating security controls in both on-prem and cloud environments
• Experience in monitoring and reporting on security flaws and supporting related remediation activities
• Familiarity with change management processes in technology environments Risk, Controls & Compliance
• Contribute to accurate statistical reporting on the market’s IT security posture
• Ensure first line of defence (1LoD) ownership of non-compliance issues, exception justifications, mitigation controls, and risk documentation
• Ensure accuracy and timely completion of control testing and remediations
• Collaborate with Security Partners, RISOs and other governance functions to drive remediation of identified security deficiencies
• Ability to compile management reports and presentations on technical risks, controls, and deficiencies Communication & Collaboration
• Strong ability to communicate complex information clearly and effectively
• Good collaboration, relationship-building, and interpersonal skills
• Act as primary liaison with internal, local and regional stakeholders, ensuring quality engagements and clear progress updates
  
  

Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering. the list goes on. Experian's people first approach is award-winning; World's Best Workplaces 2024 (Fortune Top 25), Great Place To Work in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology

Referrals increase your chances of interviewing at Experian by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, Baker Street 30

To attend to and act as an initial point of contact for all customer needs and service enquiries related to Risk and Fraud while adhering to the laid down processes and procedures to ensure mitigation of the risk and financial losses for both customers and Standard Bank South Africa.

Type of Qualification: Secondary/High school/A levels/Matric
Field of Study: Not applicable

Experience Required
Client Coverage
Personal and Private Banking
1-2 years
Exposure in either Fraud or Risk. Contact Centre experience would be an advantage.

• Adopting Practical Approaches
• Articulating Information
• Documenting Facts
• Examining Information
• Following Procedures
• Interacting with People
• Managing Tasks
• Taking Action
• Thinking Positively
• Upholding Standards

• The resource would need to have a vast knowledge of Assurance, Risk Management and Governance, including frameworks like King IV, Cobit, Nyst and other relevant frameworks, relevant laws and regulations.
• Their role will be to write a comprehensive document or set of documents, to be used to structure and design learning programs within the Group to a light certificate in systems auditing (CISA light).
• The resource would need extensive written experience as well.
• Drafting risk assurance reports or audit findings.
• Writing risk management frameworks, policies, and procedures.
• Creating clear communication for executives/boards on assurance and risk.
• Providing templates for assurance reviews, risk registers, or compliance monitoring.

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, Baker Street 30

To attend to and act as an initial point of contact for all customer needs and service enquiries related to Risk and Fraud while adhering to the laid down processes and procedures to ensure mitigation of the risk and financial losses for both customers and Standard Bank South Africa.

Type of Qualification: Secondary/High school/A levels/Matric
Field of Study: Not applicable Experience Required
Client Coverage
Personal and Private Banking
1-2 years
Exposure in either Fraud or Risk. Contact Centre experience would be an advantage. Additional Information

• Adopting Practical Approaches
• Articulating Information
• Documenting Facts
• Examining Information
• Following Procedures
• Interacting with People
• Managing Tasks
• Taking Action
• Thinking Positively
• Upholding Standards