59 Security Consultant jobs in South Africa

The role of the Cyber Security Consultant: Operations will form part of our client’s team which focuses on Cyber Security Operations services to businesses on our client’s Shared Network. This team is responsible for management of the PKI, Anti-Virus, Vulnerability Management, Security Configuration Management, Firewall compliance, Web, and Email content filtering environments. The team also manages the Data Leakage Prevention, Network Access Management and Privileged Account Management infrastructure and processes.

• On a day-to-day basis the Consultant will be involved with the configuration, monitoring, and management of:
• Anti-Virus Infrastructure
• Data Leakage Prevention system, rules, and reports
• Privileged Account Management process
• Network Access Control process and exception handling.
• Vulnerability Scanning, reporting, proposing remediation actions and tracking compliance.
• Security hardening baseline compliance scanning, reporting and remediation.
• On an ad hoc basis the consultant will support businesses in:
• Issuing, renewing, and revoking PKI digital certificates.
• Assessing internet and email use on request of Forensics or HR departments.
• The consultant will also be performing scheduled tasks like review Firewall rule configuration and report.
• The consultant will be required to report on the status of the cyber security control environments on a weekly, monthly, and quarterly basis.
• The consultant will continuously consider ways to improve the effectiveness and efficiency of monitoring and response controls.
• The consultant will contribute to Knowledge and Skills of the team, by sharing lessons learned and knowledge gained through research, conferences, training courses or through interaction with experts.

• Matric
• Information Technology diploma or degree
• Information Security certification (preferable)

At least 3 – 5 years in hands-on technical experience which includes:

• Network experience (TCP/IP, Firewalls, IPS, NAC)
• Operating System management and Hardening (Windows, Linux, CIS hardening baselines)
• Anti-Virus System management and Configuration
• Data Leakage Prevention tool configuration
• Logical Access Management (AD, PAM)
• Information Security Operations (Security+, CISSP will be beneficial)
• Vulnerability Management (use of well-known vulnerability scanning tools and interpretation of CVSS scores)

• Security Auditing.
• Risk management.
• Incident Investigation.
• Reporting and Administration.
• Security tools monitoring.

• Interpersonal savvy - Contributing independently.
• Decision quality - Contributing independently.
• Plans and aligns - Contributing independently.
• Optimises work processes - Contributing independently.

• Cultivates innovation - Contributing independently.
• Customer focus - Contributing independently.
• Drives results - Contributing independently.
• Collaborates - Contributing independently.
• Being resilient - Contributing independently.

Market related - Monthly

Our client, a leading financial services company, is seeking an Information Security Consultant to join their team on a permanent basis.

• Security Auditing
• Responsible for Security tools monitoring
• Network experience (TCP/IP, Firewalls, IPS, NAC)
• Operating System management and Hardening
• Anti-Virus System management and Configuration
• Logical Access Management
• Vulnerability Management

• Matric and an Information Technology diploma or degree qualification
• 4+ years experience

Salary Market Related

The role of the Cybersecurity Consultant includes contribution to technical insights relevant to client engagements and internal projects. Actively establish, maintain and strengthen internal and external relationships. Execution of cybersecurity engagements. The Cybersecurity Consultant will be responsible for the following key activities to achieve the main objectives :

• Cyber security strategies and governance models
• Setting up cyber governance, risk and controls business and technology solutions
• Assess and consult clients on data privacy, implementation of data protection POPIA / GDPR programs
• Build a full service vulnerability management offering providing clients with tailored solutions to deploy and run vulnerability management programs
• Penetration testing of systems, network and mobile environments.

Purpose of the Role :

The role of the Cybersecurity Consultant includes contribution to technical insights relevant to client engagements and internal projects. Actively establish, maintain and strengthen internal and external relationships.  Execution of cybersecurity engagements. The Cybersecurity Consultant will be responsible for the following key activities to achieve the main objectives:

 Cyber risk assessment, risk management controls testing
- Cyber security strategies and governance models
- Setting up cyber governance, risk and controls business and technology solutions
- Assess and consult clients on data privacy, implementation of data protection POPIA/ GDPR programs 
- Build a full service vulnerability management offering providing clients with tailored solutions to deploy and run vulnerability management programs
- Penetration testing of systems, network and mobile environments.

Requirements:

• Cyber risk assessment, risk management controls testing.
• Cyber security strategies and governance models
• Setting up cyber governance, risk and controls business and technology solutions
• Assess and consult clients on data privacy, implementation of data protection POPIA/ GDPR programs.
•  Build a full-service vulnerability management offering providing clients with tailored solutions to deploy and run vulnerability management programs.
• Penetration testing of systems, networks, and mobile environments.

My client in the financial industry is looking for a Cyber Security Specialist.

The role of the Cyber Security Consultant: Operations will form part of the team which focuses on Cyber Security Operations services to businesses on the Shared Network. This team is responsible for management of the PKI, Anti-Virus, Vulnerability Management, Security Configuration Management, Firewall compliance, and Web and Email content filtering environments. The team also manages the Data Leakage Prevention, Network Access Management, and Privileged Account Management infrastructure and processes.

What will you be responsible for?

On a day-to-day basis, the Consultant will be involved with the configuration, monitoring, and management of:

• Anti-Virus Infrastructure
• Data Leakage Prevention system, rules, and reports
• Privileged Account Management process
• Network Access Control - process and exception handling
• Vulnerability Scanning, reporting, proposing remediation actions, and tracking compliance
• Security hardening baseline compliance scanning, reporting, and remediation

On an ad hoc basis, the consultant will support businesses in:

• Issuing, renewing, and revoking PKI digital certificates.
• Assessing internet and email use on request of Forensics or HR departments.
• Performing scheduled tasks like reviewing Firewall rule configuration and reporting.

The consultant will be required to report on the status of the cyber security control environments on a weekly, monthly, and quarterly basis.

The consultant will continuously consider ways to improve the effectiveness and efficiency of monitoring and response controls.

The consultant will contribute to the knowledge and skills of the team by sharing lessons learned and knowledge gained through research, conferences, training courses, or interaction with experts.

Qualifications

• Matric
• Information Technology diploma or degree
• Information Security certification (preferable)

Experience

At least 3 - 5 years in hands-on technical experience which includes:

• Network experience (TCP/IP, Firewalls, IPS, NAC)
• Anti-Virus System management and Configuration
• Data Leakage Prevention tool configuration
• Logical Access Management (AD, PAM)
• Information Security Operations (Security+, CISSP will be beneficial)
• Vulnerability Management (use of well-known vulnerability scanning tools and interpretation of CVSS scores)

Required Skills

• Security Auditing
• Reporting and Administration
• Security tools monitoring

We are seeking an experienced VERIFY DIRECTORY Consultant to provide expert-level support and services for the configuration, deployment, and support of the VERIFY DIRECTORY solution. This position is delivered on a staff augmentation basis and will work under the direction of the CLIENT’s Project Manager or Team Leader. You will collaborate closely with CLIENT’s internal technical teams to deliver solution recommendations, configuration support, and issue resolution during testing and implementation phases.

Key Responsibilities

Project Support Services

Provide technical recommendations to support VERIFY DIRECTORY resolution efforts and align the solution with CLIENT’s business requirements and objectives.

Assist in the implementation and configuration of new functions or enhancements for the IBM VERIFY DIRECTORY solution.

Support CLIENT during their testing activities by identifying and resolving VERIFY DIRECTORY-related issues.

Collaborate with CLIENT technical staff to ensure knowledge transfer, mentoring, and support continuity.

Assist in the installation or patching of VERIFY DIRECTORY and its supporting middleware.

Provide product usage guidance and best practices related to CLIENT-specific use cases.

Recommend design and implementation approaches for new feature functions as required.

Document and report work progress, issues, and planned activities via Consultant Project Journals.

Consultant Project Journals (Weekly)

Summary of completed tasks during the current reporting period.

Planned tasks for the next reporting period.

Issues encountered and resolution steps taken.

Hours worked for the current period.

Delivered in softcopy format to the CLIENT.

Key Assumptions & Exclusions

IBM VERIFY DIRECTORY is the only IBM product in-scope for this engagement.

Services do not include installation / configuration of non-IBM technologies such as Oracle databases, third-party hardware, network devices (e.g., firewalls, switches), OS systems, or patches.

No other IBM products will be supported beyond VERIFY DIRECTORY unless explicitly stated.

CLIENT will handle all project management tasks including scheduling, planning, and activity direction.

No formal training materials or courseware will be provided; information transfer is informal and occurs during regular collaboration.

Required Skills and Experience

Proven hands-on experience with IBM VERIFY DIRECTORY including configuration, deployment, and patching.

Strong understanding of directory services, LDAP, identity management, and middleware technologies.

Demonstrated experience supporting enterprise deployments of identity or directory solutions.

Ability to interpret and respond to CLIENT-specific use cases with tailored solution recommendations.

Experience working in a staff augmentation or client-directed consulting environment.

Strong problem-solving and issue-resolution skills during testing and deployment activities.

Excellent communication and documentation skills, especially in delivering informal training or mentoring.

Preferred Qualifications

IBM Certified in VERIFY DIRECTORY or related identity management technologies.

Experience working in hybrid environments (cloud / on-prem) or large enterprise IT ecosystems.

Familiarity with related IBM IAM (Identity and Access Management) solutions is a plus.

Requirements

Technical Skills :

• High standard of delivery
• Structured & analytical problem solver
• Process Mapping
• Software testing pack design, functional testing
• Clean code thinking
• Coaching and mentor to junior teammates
• Strong focus on security best practices Required Education :
• National Certificate (Matric).
• Fluent oral and written English, with strong presentation skills. Advantageous Education :
• Certified in a National Diploma, BSc Computer Science, or BCom Information Systems (or similar). Experience :
• Minimum of 2 years’ experience in developing integrations solutions with ESB technologies (WSO2, TIBCO, Apache Camel). Knowledge :
• WSO2 Identity Server (or similar competing vendor product)

Title: Senior Security Consultant (QSA)

Location: Cape Town or Johannesburg, South Africa

Job type: Full-Time Permanent

Salary: Negotiable / DOE

About Us

Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin, Sofia, Stockholm, Madrid, Naples and Cape Town—we support more than 2,500 clients across a wide range of industries.

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we’d love to hear from you.

Job Role

The Senior QSA Consultant will lead security consultancy engagements and pre-sales processes with clients within financial services and payment card industries. Focusing on delivery of Payment Compliance services, which include but are not limited to:

· PCI specialized assessment (PIN, P2PE, SSF, 3DS, etc.)

· PCI DSS, Swift, PSD2 assessments

· GAP Analysis

· Policy and Procedure review

Primary Duties/Responsibilities include:

Pre-Sales

· Starting from the information received from the sales team, independently carry out the estimate of the effort required to deliver a security services, reporting the result to the regional lead for approval.

· Lead customer engagements and provide senior cyber security advice and services to a broad range of clients and industries. Provide detailed analytical reporting, internal reporting metrics and program management. Provide leadership and mentorship to Junior consultants.

Delivery

· Prepares, organizes and supports delivery by team members of engagements offsite or at customer premises including but not limited to gap analysis, security assessment, risk and/or compliance assessment using one or more industry or regulatory standard or framework.

Processes and Documentation

· Assesses compliance related documentation including policies, procedures, standards and legislative directives.

· Provides remediation support and guidance on the security aspects of the administration and maintenance of processes & documentation, infrastructure components, applications, services and security systems.

· Delivers detailed reports following Integrity360’s reporting best practice and templates.

· Ensure QA process for Payments Compliance standards is initiated and applied for relevant projects, in cooperation with QA and Backoffice team.

· Establishes new standards and reviews existing documentation to ensure the correct application of the processes.

· In cooperation with Practice Lead(s), estimating, planning & monitoring team budget.

· Provide regular status update to internal stakeholders (Practice Lead(s), PMO).

· Participate in continuous improvement of internal processes (reporting tools, assessment automation etc.)

Communication

· Participates to external conferences and promotes Integrity360 by identifying important Industry events.

· Support marketing activities related to existing Professional Service portfolio and customer acquisition working in collaboration with marketing team.

· Act as a communication point between regional team, other professional services teams, Customer Success and other departments.

· Supports sales team in development and effort estimations for new opportunities (e.g. new and evolving industry standards).

· Stay up-to-date on developments in the Payments Compliance realm, understanding new standards and regulations and their impact on Integrity360.

Required Skills

· Relevant Experience in Fintech industry and security standards & directives consultancy services (PCI DSS, PSD2, ISO 27001, SWIFT, etc.)

· Cryptography techniques including algorithms, key management, and key lifecycle.

· Public key infrastructure (PKI) and the role and operations of a Certification Authority (CA) and Registration Authority (RA)

· Hardware security modules (HSMs) operations, policies, and procedures

· POI key-injection systems and techniques including key-loading devices (KLDs) and key management methods, such as Master/Session or DUKPT

· Physical security techniques for high-security areas

· Authentication methods and techniques

· Security Integrity controls

· Computer Networking (routing, switching, firewall network filtering)

· Operating Systems hardening and administration (Linux/Unix, Windows) .

Core Competencies

· Problem Solving (analysis, helicopter view, problem setting, decision making)

· Planning and Organization (time management, scheduling and control)

· Communication (clearness, listening, persuasion, negotiation, public speaking)

· Networking (reinforce relationships, use emotional intelligence and personal proximity)

· Results Orientation (delivering solutions, work under pressures)

· Leading and Empowering People (self-confidence, establishing focus, providing motivational support and feedback, fostering teamwork and integration)

· Economic Sensitivity (Economic variables evaluation, Profit & Loss dynamics)

Certifications/Qualifications

• Qualified Security Assessor (QSA) is a must

S-RM is looking for a Senior Offensive Security Consultant to join our Cyber Security team in Cape Town.

Offensive Security consultants run the delivery of our offensive security services. They help to interpret client challenges, innovate solutions, and deliver findings.

As an OS consultant, you will work across the full spectrum of our pentesting services, whether point in time or continuous, as well as participate in larger engagements such as red teams. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks.

As a senior consultant, you will be responsible for supporting commercial efforts, as well as line management and maintenance of standards, tools and knowledge. We are looking for someone with a strong business acumen and technical background who can help us shape, sell and deliver impactful resilience workstreams to our clients. The commercial and leadership aspect of this role will take approximately 40% of your time, the rest being focused on delivery.

Client Engagement and Account Management

• Engage with clients to understand their cyber security challenges
• Translate client challenges into solutions that fit S-RM’s Offensive Security service offering and value proposition
• Lead on proposal writing and presentations, with an understanding of delivery timelines, project resourcing requirements and pricing
• Contribute to the expansion of client accounts and winning of new business
• Gain an understanding of S-RM’s target sectors and industries

Offensive Security

• Penetration testing
  • Vulnerability assessments and monitoring
  • External infrastructure
  • Web application
  • API pentesting
  • Phishing and spear phishing
  • Internal pentesting
  • Mobile application pentesting (Android and iOS)
  • OT Pentesting
• Red teaming
  • Support senior team members in the delivery of red team assessments (end to end, breaching the perimeter, assumed breach, bespoke)
• Configuration Reviews
  • Cloud configuration review
  • Application configuration review
  • Hardware build review
• Delivery
  • Deliver findings in a range of formats, including written reports, presentations, and verbal briefings
• Training
  • Support the development and delivery of cyber security training packages on a range of topics
  • Deliver client training on phishing/awareness/general cyber topics.
• Keep abreast of threat intelligence developments, threat actor activity and security industry developments in mitigations and tooling
• Develop and deliver client threat profiles, threat assessments and dark web analysis

Mentoring and technical leadership

• Provide oversight, shadowing and knowledge sharing opportunities for pentesting to other team members
• Participate in monthly knowledge sharing sessions
• Gain an understanding of our cyber services outside of offensive security (incident response, cyber advisory, digital forensics) and support with offensive security skills where required
• Identify and address internal capability gaps with the support of senior team members

The successful candidate must have permission to work in South Africa by the start of their employment.

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 23 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
• Life Insurance 4X annual salary.

Parental Support:

• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay.

Various Health and Medical Benefits including:

• Medical Aid (taxable benefit) for you and your immediate family
• EAP program for you and your immediate family;
• Free access to the world-famous mindfulness app

We have a new and exciting role available within our Cyber Security division in Cape Town for a Senior Offensive Security Consultant .

Offensive Security consultants run the delivery of our offensive security services. They help to interpret client challenges, innovate solutions, and deliver findings.

As an OS consultant, you will work across the full spectrum of our pentesting services, whether point in time or continuous, as well as participate in larger engagements such as red teams. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape, and become better prepared to face dynamic and evolving security risks.

As a senior consultant, you will be responsible for supporting commercial efforts, line management, and maintaining standards, tools, and knowledge. We seek someone with strong business acumen and technical expertise who can help shape, sell, and deliver impactful resilience workstreams. The commercial and leadership aspects will take about 40% of your time, with the remaining focus on delivery.

Client Engagement and Account Management

• Engage with clients to understand their cybersecurity challenges.
• Translate client challenges into tailored solutions that align with S-RM’s Offensive Security offerings.
• Lead proposal writing and presentations, considering delivery timelines, resource requirements, and pricing.
• Contribute to expanding client accounts and securing new business.
• Develop an understanding of S-RM’s target sectors and industries.

Offensive Security

• Penetration testing
  • Vulnerability assessments and monitoring
  • External infrastructure testing
  • Web application testing
  • API pentesting
  • Phishing and spear phishing simulations
  • Internal pentesting
  • Mobile application pentesting (Android and iOS)
  • OT pentesting
• Red teaming
  • Support senior team members in delivering red team assessments, including end-to-end testing, perimeter breaches, and bespoke scenarios.
• Configuration Reviews
  • Cloud configuration review
  • Application configuration review
  • Hardware build review
• Delivery
  • Present findings through reports, presentations, and briefings.
• Training
  • Assist in developing and delivering cybersecurity training on various topics.
  • Conduct client training sessions on phishing, awareness, and general cybersecurity topics.
• Stay updated on threat intelligence, threat actor activities, and industry developments in mitigation and tooling.
• Develop and deliver client threat profiles, threat assessments, and dark web analyses.

Mentoring and Technical Leadership

• Provide oversight, shadowing, and knowledge sharing in pentesting.
• Participate in monthly knowledge sharing sessions.
• Gain understanding of other cyber services (incident response, digital forensics, cyber advisory) and support offensive security skills development.
• Identify and address internal capability gaps with senior support.

The successful candidate must have permission to work in South Africa by the start of employment.

Our benefits include:

• 23 days holiday per year, plus public holidays (+1 day per year of service up to 30 days)
• Hybrid and flexible working hours
• Matching pension contributions up to 7% (max 14%) and financial education
• Life insurance of 4x annual salary

Parental support benefits include:

• Fertility treatment leave: 5 days per treatment cycle
• Maternity leave: 26 weeks full pay, followed by 13 weeks half pay
• Paternity leave: 6 weeks full pay

Additional health and medical benefits include:

• Medical aid for you and immediate family
• EAP programs for you and immediate family
• Free access to a mindfulness app

Stay informed with industry news and insights delivered straight to your inbox.