77 Security Compliance jobs in South Africa

Location: South Africa, Johannesburg, Cape Town

Type: Permanent, Full Time

Published: 2 hours ago

We have a current opportunity for a Security Compliance Analyst on a permanent basis. The position will be based in Cape Town. For further information about this position please apply.

• HR Services, Recruitment & Selection

Current job opportunities are posted here as they become available.

Subscribe to our RSS feeds to receive instant updates as new positions become available.

Job Title: Information Security & Vendor Risk Compliance Specialist
Reports To: Manager, Certification, Data Privacy and Internal Audit
Employment Type: Full-Time, Permanent, remote

Your role

Netstock is looking for an experienced Information Security & Vendor Risk Compliance Specialist to join our growing team. In this critical role, you’ll help safeguard our organization by assessing third-party risks, maintaining our Information Security Management System (ISMS) , and driving compliance with international data protection standards.

You'll bring your cybersecurity expertise to the table, especially your knowledge of ISO 27001 , NIST , and key risk assessment framework to support internal IT audits, evaluate vendor security practices, and contribute to Netstock’s ongoing regulatory compliance initiatives.
This role is ideal for someone with strong analytical and communication skills, a proactive mindset, and a passion for cybersecurity and risk management. If you're ready to play a pivotal role in strengthening Netstock’s security posture, we’d love to hear from you.

Required Experience

• Direct experience conducting third-party due diligence, evaluating vendors, partners, or suppliers, conducting IT internal audits and maintenance of the ISMS.
• Cybersecurity Experience: A strong background in cybersecurity, such as experience and knowledge in key security concepts such as vulnerability management, incident response, and network security. This is important because you need to evaluate the security posture of third parties to assess whether their systems and practices could pose a risk to your organization. You will need to perform internal audits against security controls.
• Third-Party Risk Management: Direct experience with third-party risk assessments, focusing on how third-party vendors and service providers manage security and data protection. This includes assessing risks related to data breaches, cybersecurity threats, and the potential compromise of sensitive information.
• Compliance and Regulatory Knowledge: Familiarity with relevant compliance standards and regulations.
• Information Security Management Systems: Direct experience managing, maintaining, and improving the Information Security Management System (ISMS) in accordance with ISO 27001 or similar frameworks. Experience conducting IT internal audits to assess IT systems, infrastructure, and processes for compliance with internal security policies and standards.

Education
Certifications: ISO 27001 Lead Auditor and other relevant security certifications.

Technical skills

Information security knowledge

• Understanding of security frameworks (ISO 27001, NIST, CIS Controls)
• Familiarity with security best practices, including secure software configurations and secure coding practices
• Experience reviewing technology security risks, such as software libraries, desktop software, and technology assessments

Risk assessment and management

• Ability to perform security and privacy risk assessments
• Skilled in maintaining and updating risk registers
• Competence in assessing and documenting risk treatments
• Experience performing gap analysis and implementing corrective action plans
• Competency in performing Artificial Intelligence impact assessments

Privacy and data protection

• Familiarity with global privacy regulations (e.g., GDPR, POPIA, CCPA)
• Experience conducting Data Protection Impact Assessments (DPIA)
• Ability to perform Legitimate Interest Assessments (LIA)
• Maintaining personal data registers and retention schedules
• Knowledge of managing personal data breaches and notifications

Compliance and regulatory expertise

• Understanding of vendor compliance and due diligence processes
• Familiarity with privacy and regulatory obligations embedded within contracts
• Capability in reviewing data processing activities against regulatory requirements
• Ability to interpret contractual terms and conditions from a security and privacy perspective
• Skilled in identifying and clearly communicating contractual obligations to the business

Information Security Management Systems

• Design, implement, and lead the internal IT audit function
• Conduct audits of IT systems, infrastructure, and processes to identify risks, weaknesses, and non-compliance.
• Monitor and report on compliance with internal policies, POPIA, ISO standards, and relevant cybersecurity frameworks.
• Assist with the process of updating, revising, and improving ISMS documentation to reflect changing risks, regulatory requirements, and business needs.
• Strong written and verbal communication to liaise clearly with stakeholders
• Ability to translate technical security/privacy terms into understandable business language
• Detail-oriented approach to evaluating contracts, vendor information and when conducting internal audits.
• Accuracy in describing controls, processes, and compliance requirements.
• Strong analytical skills to effectively identify, assess, and prioritise risks
• Proficiency in maintaining accurate, thorough, and organised documentation (risk registers, vendor assessments, incident reports, internal audit reports, etc.)
• Ability to clearly and concisely document audit findings, observations, and recommendations.
• Ability to translate complex security concepts into clear, concise, and actionable language.
• Collaboration and stakeholder management
• Ability to effectively collaborate across teams, including business stakeholders, technical teams, legal, and vendors
• Confidence in working with external vendors to gather necessary security/privacy information
• Capacity to manage multiple assessments and reviews simultaneously
• Strong organisational skills to maintain accurate documentation, reporting schedules, and deliverables timelines

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Working with us

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

About us

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

We are currently seeking a dynamic and experienced Risk Management Consultant for an exciting fixed-term project. You will play a critical role in assessing, mitigating, and managing risks associated with our client’s operations. This fixed-term project requires a seasoned professional with expertise in risk analysis, compliance, and strategic planning.

You will meet the following minimum requirements

• Completed Degree in Accounting / Finance / Risk Management / Criminal Sciences / Law
• Enterprise Risk Management competency
• Proven experience in risk management (5+ years), ideally in a consulting or advisory capacity.
• Strong analytical skills with the ability to assess and interpret complex data.
• Knowledge of relevant industry regulations and compliance standards.
• Excellent communication and presentation skills.
• Ability to work independently and collaboratively within a team.
• Proficiency in risk management software and tools is a plus.

Key responsibilities will include:

• Conducting comprehensive risk assessments and identifying potential risks.
• Developing and implementing risk mitigation strategies and action plans.
• Collaborating with cross-functional teams to ensure risk-related policies and procedures are followed.
• Analyzing data and trends to provide actionable insights for informed decision-making.
• Providing guidance on compliance with industry regulations and standards.
• Preparing and delivering reports to senior management and stakeholders.
• Aligning risk appetite with key risk indicators
• Assisting with the preparation of risk reports for submission to the Risk Management Committee and Audit and Risk Board Subcommittees
• Assisting with the development and implementation of Business Continuity Plan (BCP), Disaster Recovery Plan (DRP) and Crisis Management

Pertinent details:

• Location: Gauteng
• Duration: 3+ months

If you are a dedicated risk management professional looking for an exciting project opportunity, we invite you to submit your resume and a cover letter outlining your relevant experience to Please include “Risk Management Consultant” in the subject line of your email.

DIRECTOR: ORGANISATIONAL RISK MANAGEMENT

• Reference Number: refs/023048
• Directorate: ORGANISATIONAL RISK MANAGEMENT
• Number of Posts: 1
• Package: R 1 266 714.00 - R 1 492 122.00 per annum (All-inclusive). This includes a basic salary (70%) and a flexible portion (30%) that can be structured according to applicable rules. It also includes the state's contribution to the Government Employees Pension Fund (13% of basic salary). The successful candidate will be required to sign a performance agreement within three months of appointment.
• Enquiries: Ms. Sikelelwa Mboto Tel: /

Requirements:

• An undergraduate qualification at NQF Level 7 in Risk Management or Commerce recognized by SAQA.
• Minimum of 5 years’ experience at middle/senior managerial level.
• A valid driver’s license.
• Pre-Entry SMS Certificate.
• Competencies: GPG and DID policies and procedures, PFMA, Treasury regulations, relevant legislation, Public Service Regulations, understanding of DID projects or agencies, financial management, provisioning administration, risk management frameworks, policy development, change management, project management.
• Skills: Financial management, human resources, project management, presentation, report writing, planning, stakeholder management, negotiation, facilitation.
• Attributes: Decisive, team worker, diversity and customer-focused, proactive, resourceful, flexible, cost-conscious, quality-oriented, responsive, people-oriented, credible, innovative, problem-solving, strategic.

Duties:

• Manage risk identification, assessment, mitigation, monitoring, and reporting processes.
• Develop and maintain the department’s ERM strategy and policies.
• Conduct risk analysis, develop risk maturity profiles, and manage risk registers.
• Report ERM matters to stakeholders and coordinate relevant committees.
• Manage business continuity plans, awareness campaigns, and supporting committees.
• Sign performance agreements, manage subordinates, and oversee training and development.
• Manage resources, funds, and stakeholder relations.
• Align strategic priorities with departmental goals and prepare reports.

Notes:

• In line with the Department’s Employment Equity Plan, people with disabilities are encouraged to apply.
• Apply online at Only online applications are accepted.
• Use the latest Z83 form issued by the Minister for the Public Service and Administration, fully completed and signed.
• Attach a comprehensive CV. Failure to do so results in disqualification.
• Certified copies of qualifications (not older than 6 months), ID, and driver’s license (if applicable) will be requested from shortlisted candidates.
• Preference will be given to candidates promoting representativity (race, gender, disability).
• Foreign qualifications must be evaluated by SAQA.
• The Department reserves the right not to appoint.
• If no response is received within 3 months, consider the application unsuccessful.

Employer: Department of Infrastructure Development

Location: Head Office (Johannesburg)

Closing Date: 15-08-2025

Criteria Questions:

• Do you have an undergraduate qualification at NQF Level 7 in Risk Management or Commerce recognized by SAQA?
• Do you have a minimum of 5 years’ experience at middle/senior managerial level?
• Do you have a valid driver’s license?
• Do you have a Pre-Entry SMS Certificate?

Note:

• Due to high application volume, applications will not be acknowledged. No response within 3 months indicates unsuccessful application.

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, Baker Street 30

To attend to and act as an initial point of contact for all customer needs and service enquiries related to Risk and Fraud while adhering to the laid down processes and procedures to ensure mitigation of the risk and financial losses for both customers and Standard Bank South Africa.

Type of Qualification: Secondary/High school/A levels/Matric
Field of Study: Not applicable

Experience Required
Client Coverage
Personal and Private Banking
1-2 years
Exposure in either Fraud or Risk. Contact Centre experience would be an advantage.

• Adopting Practical Approaches
• Articulating Information
• Documenting Facts
• Examining Information
• Following Procedures
• Interacting with People
• Managing Tasks
• Taking Action
• Thinking Positively
• Upholding Standards

Business Segment: Personal & Private Banking

Location: ZA, GP, Johannesburg, Baker Street 30

To attend to and act as an initial point of contact for all customer needs and service enquiries related to Risk and Fraud while adhering to the laid down processes and procedures to ensure mitigation of the risk and financial losses for both customers and Standard Bank South Africa.

Type of Qualification: Secondary/High school/A levels/Matric
Field of Study: Not applicable Experience Required
Client Coverage
Personal and Private Banking
1-2 years
Exposure in either Fraud or Risk. Contact Centre experience would be an advantage. Additional Information

• Adopting Practical Approaches
• Articulating Information
• Documenting Facts
• Examining Information
• Following Procedures
• Interacting with People
• Managing Tasks
• Taking Action
• Thinking Positively
• Upholding Standards

Direct message the job poster from MoMo from MTN

Fintech is entering a new phase where operational and commercial excellence has become critical for success. We at MTN believe this is a game changer in terms of our business strategy. We are looking at an incumbent to join us as we build a successful business together.

As part of your portfolio as Senior Manager: Enterprise Risk Management , you will:

1. Responsible for executing the overall Enterprise Risk strategy and business plan, as well as ensuring the effective execution of risk mitigation plans across MTN Group Fintech Opcos.
2. Responsible for identifying, managing, and mitigating the risks facing the Group Fintech, and leading the measurement of potential credit and market risks.
3. This role is responsible for overseeing and managing the following risk portfolios in Group Fintech:
4. Operational Risk, Financial Risk, Technology and Cyber Risk and Business Continuity Management.
5. As part of the leadership team, the Senior Manager is also responsible for contributing to Risk and Compliance’s overall strategic goals, achieving profitable growth, and continuously improving the operational performance.
6. Lead the creation of the Enterprise Risk Framework in line with the overarching business goals.
7. Ensure effective implementation of the strategy through providing direction, structure, frameworks, models, plans, and roadmaps.
8. Manage and oversee collaborative efforts between Leads for Operational Risk, Financial Risk, Technology and Cyber Risk, and Business Continuity Management.
9. Oversee the development and implementation of Business Continuity Management, Crisis Management and Security policies and seek approval from the Group Fintech Risk Committee.

The incumbent must have the following:

1. Minimum 4-year Bachelor of Commerce Degree in Risk Management/Financial Risk Management/Operational Risk Management/Business Administration, or related field.
2. Postgraduate MBA and/or Master’s Degree is advantageous.
3. Professional qualification in Risk Management (FRM, PRMIA ORM, CRISC) is advantageous.
4. English and French (as an advantage).
5. Manager track record of 4 years or more, with at least 3 years’ experience in Fintech/Banking/Financial Services.
6. Minimum of 7 years of experience in Risk Management and Business Continuity Management, and a solid understanding of credit and market risks.
7. Hands-on experience in identifying, managing, and mitigating risks for financial institutions.
8. Experience in e-commerce and electronic payment business is advantageous.

What will give an edge to your application:

1. Having worked across diverse cultures and geographies. Pan Africa multi-cultural experience is advantageous.
2. English speaker. French, Portuguese, Zulu, Swahili, and other African languages a plus.

Closing date: 3 April 2025. Late applications will not be accepted.

Should you not hear from us within two weeks of the closing date, consider your application unsuccessful.

Ready to make and drive the change with us. Apply now!

Associate

Full-time

Accounting/Auditing

Banking

Ensuring that Operational and Strategic Risk tools are embedded in the organisation. Planning, development and implementation of the client's enterprise risk activities. Initiate and recommend adoption of new operational risk management tools and procedures. Developing, reviewing and updating Enterprise/Operational Risk Policies/frameworks to reflect best practice. Facilitate the identification, assessment of key risks inherent in the operation of business units, as well as assist with the formulation of action plans to address any gaps in the mitigating measures identified. Monitoring Risk levels and providing timely reports to Management and Stakeholders on the status of risks and mitigation efforts. Identifying, analysing, and evaluating potential risks related to Information and Technology. Participating in Governance Forums to ensure alignment of Operational and IT risk to Business Objectives. Promote and support timely and complete reporting of operational risk incidents/events by Business Stakeholders. Assisting with the co-ordination of the annual EWRM programme throughout the organisation. Assisting in the development and review of the appetite risk framework. Reporting to EXCO and Board Risk and Sustainability Committee on Operational and strategic Risk activities. Assist with the coordination of Business Continuity Management activity. Preparation of the packs for the Enterprise Risk Management Forum. Provide training to Staff on Risk Management tools, policies, frameworks, and practices. Coordinating assurance activities in collaboration with Internal Audit, Compliance, and other Assurance functions to ensure comprehensive coverage and alignment. Provide guidance and advisory to Business Stakeholders on risk-related matters. Staying informed about the evolving threats, trends, and technologies to proactively address emerging risks and enhance operational and IT risk management practices.

To enable effective implementation of Enterprise Risk Management activities and provide 2LOD independent oversight within the organisations, whilst ensuring policies and framework reflect best practices.

Qualifications:

1. Com (Accounting/Information Technology/Business/Risk Management)
2. Professional Certification (e.g., CISSP, CISM, CISA, CRISC)
3. A post-graduate qualification will be an added advantage.

Knowledge & Skills:

1. 8 - 10 years’ experience in Operational Risk environment in a financial institution
2. Demonstrated experience in managing operational and IT risk programs.
3. Knowledge of Risk and IT risk industry best practices and standards such as Basel, COSO, and ISO27001/31000.

Description

Bluespec is looking for a Group Financial Manager with experience specifically in the Risk space as they will be taking care of the Risk Management Portfolio.

This is a high paced environment with many exciting challenges, come and join the biggest Automotive Company in Gauteng

Job Purpose

In this role, you will be building relationships with key stakeholders, work closely with operations to secure alignment on account planning activities.
The Finance Manager is responsible for all aspects of financial management, ensuring compliance with internal policies and procedures. This role builds the capacity of the Company’s finance team. S/he oversees the day to day work of the finance department and is responsible for the effective use and deployment of staff and financial resources.

All financial reporting, policies and procedures, while driving reporting excellence

Risk Management portfolio

Forensics

Internal Auditing

Provision of support to functional leaders with respect to financial reporting
Development and continued integration of financial systems
Project budgeting, forecasting and cash flow forecasting
Business analysis including monitoring
Team leadership and training of local staff

Key Responsibilities include: Management of the Finance & Administration Department:

a. Lead and manages the finance team ensuring all areas are functioning effectively (including taxation, cost management, accounting, payroll and reporting).
b. Oversee administrative functions
c. Oversee all vendor contracts including sourcing, negotiation and ensuring appropriate agreements, execution and service levels
d. Ensure that all activities are done according to budget and forecasts.

e. Plan, organise and control the high level activities related to the department.

f. Develop and maintain progression and succession plans for the department as per company and HR guidelines; this includes the development, implementation and maintenance of a department skills matrix among other requirements

Cost.

a. Monitor operating budget performance and actively participates in the monthly review process.

b. Accountable for the preparation of the budget and on delivery (costs and time)

c. Negotiate and manage third party service providers in order to reduce costs

Planning

a. Plan work according to business requirements and guides all activities accordingly

b. Manage the annual site planning and administrative process

People & Team Management

a. Develop and encourage a team approach with shared objectives

b. Review and communicate individual and team performances in daily, weekly, monthly team meetings.

c. Create and maintain strong relationship with all internal and external stakeholders

d. Active involvement in employee development by mentoring, training and coaching employees of the departments to enhance overall team skills development

e. Develop and monitor the progress of employee development and progress plans.

f. Ensure all key people program requirements are met including timely performance management reporting, core training and development programs, etc.

g. Ensure the Finance and Administration Team is executing in their roles and responsibilities to an expected industry standard Policy.

Procedure and Process Development

a. In consultation with corporate management, review relevant policy and procedures.

b. Communicate with corporate staff to ensure effective alignment and collaboration on key initiatives

Innovation and Improvement

a. Actively participate in the continual review of company procedures and make recommendations as required

b. In collaboration with the Business Performance Manager, identify and address business process opportunities in all areas to further improve effective and efficient operation

c. Identifies, investigates and implements improvements to all commercial operations in order that security management capability that will satisfy External audit controls compliance

EXPERIENCE AND QUALIFICATIONS REQUIRED:

BCom Accounting degree – non-negotiable

Minimum 10 - 12 years' relevant experience post articles

Motor industry experience would be beneficial, however manufacturing and construction industry would be considered

Insurance background would be advantageous

Experience mentoring, coaching and building and leading teams with people at all level

Demonstrated experience designing and developing financial, cost and performance management reports

Experience developing and improving business processes

Strong communication skills in English