80 Security Lead jobs in South Africa
Application Security Lead
Posted 13 days ago
Job Description
Join to apply for the Application Security Lead role at R2R Consultants LLP.
This range is provided by R2R Consultants LLP. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range: ZAR660,000.00/yr - ZAR960,000.00/yr
The Lead Application Security position is responsible for providing technical leadership in securing software applications across the organization. This role involves implementing security policies, conducting security assessments, and working closely with development teams to ensure applications are designed and maintained with robust security measures. The Lead Application Security works with development teams to integrate security best practices throughout the software development lifecycle, helping to mitigate risks and protect organizational data and systems.
Certification Must Have
CISSP, CSSLP, GWAPT, OSCP, CKS, Cloud Security certifications (AWS Security, Azure Security, or GCP Security) preferred.
The Role Key Accountabilities
- Lead the technical implementation of application security initiatives, ensuring alignment with organizational security strategy.
- Design and implement security controls throughout the software development lifecycle (SDLC).
- Conduct detailed threat modeling and risk assessments for critical applications.
- Perform advanced code reviews, penetration testing, and vulnerability assessments.
- Lead the remediation of security vulnerabilities and track resolution progress.
- Deliver application security training and mentor junior team members.
- Monitor emerging threats and vulnerabilities, recommending appropriate security measures.
- Collaborate with development and operations teams to embed security in the SDLC.
- Provide technical guidance and mentorship to application security team members.
- Implement and maintain container security policies and best practices.
- Assess and enhance security measures for containerized applications.
- Review and secure cloud-native application architectures.
- Security Testing: Advanced experience with SAST, DAST, and IAST methodologies.
- DevSecOps: Experience integrating security into CI/CD pipelines.
- Security Frameworks: In-depth knowledge of OWASP, NIST, and ISO 27001.
- You have at least 6 years' experience, ideally within an IT Security role.
- You have good interpersonal and communication skills and are adept at working with multiple stakeholders to drive desired outcomes.
- You have working knowledge of security testing, SAST, OWASP, ISO 27001, and CI/CD.
- You are a strong networker & relationship builder.
- You possess strong analytical skills and are comfortable dealing with numerical data.
- You are a strong team player who can manage multiple stakeholders.
- Leadership Role
- Excellent career development opportunities
- Mid-Senior level
- Full-time
- Information Technology
- Information Services and Software Development
Application security lead
Posted today
Cyber Security Lead - Red Team
Posted 2 days ago
Job Description
JOB TITLE:
Cyber Security Lead – Red Team (Administrative Focus)
LOCATION:
Johannesburg / Cape Town (Remote / Hybrid)
ABOUT CYBERLOGIC:
Cyberlogic is a trusted Managed Solutions Provider with offices in South Africa, Mauritius, and the UK. Serving a diverse range of clients, spanning numerous industries, including the international maritime sector, Cyberlogic specialises in IT leadership, cyber security, cloud solutions, and business intelligence. For almost three decades, Cyberlogic has been committed to enabling digital transformation through delivering unquestionable value.
Our delivery focus has enabled us to build up a national and international footprint of loyal clients that rely on us to provide transparent, open guidance to improve their processes, grow their businesses, and secure their data.
Cyberlogic is part of the Hyperclear Technology group, which boasts a diverse technology offering including robotic process automation (RPA), business process management (BPM), data analytics, and decisioning technology.
Through our non-profit, R4C (Ride for a Child), we partner with Bright Start Education Foundation, an organisation empowering deserving learners from underprivileged communities, providing holistic support and guidance throughout their educational careers.
OUR VALUES:
• We challenge ourselves to be more AWESOME
• We are driven to KEEP learning and EVOLVING
• We look beyond symptoms to identify and RESOLVE ROOT CAUSES
• We hold each other accountable through CANDID and constructive FEEDBACK
• We respect and care for each other and know we will only SUCCEED if we work AS A TEAM
• We CARE deeply ABOUT the success of CYBERLOGIC
• We FINISH WHAT WE START
• We always GIVE OUR BEST even if it means putting in the hard yards
• We KEEP THINGS SIMPLE
PURPOSE OF POSITION:
We are seeking a Red Team Lead with a strong focus on administrative operations and team coordination to support our red team within a Managed Security Services Provider (MSSP) environment. This role is designed to offload non-technical responsibilities from our technical leadership, enabling them to focus on fieldwork, mentorship, and service quality.
The ideal candidate excels at operational coordination, documentation, and cross-team communication—and is confident supporting business functions such as proposal writing, Statement of Work creation, and internal liaison with sales and project management teams.
KEY RESPONSIBILITIES:
Team & Operational Coordination
- Act as the main liaison between the red team and the Project Management Office (PMO) for resource planning, timelines, and engagement handoffs.
- Coordinate technical team availability, training, and internal initiatives.
- Maintain visibility over active and upcoming engagements to support resource and capacity planning.
People Leadership
- Be a people leader to a team of Cyber Security Red Teamers.
- Conduct performance reviews on subordinates.
- Manage team member leave requests.
- Have 1 on 1s with team members.
- Undertake leadership initiatives that improve team morale and strengthen our employee value proposition.
Administrative Leadership
- Manage and maintain documentation processes, including version control, internal QA coordination, and standardised templates.
- Maintain team operational assets such as tooling inventories, internal process documents, and reporting checklists.
- Ensure consistent and efficient delivery operations across all red team engagements.
Sales Enablement & Scoping Support
- Support the sales and pre-sales teams in creating engagement proposals, scopes, and pricing estimates (e.g., Bill of Materials).
- Draft and review Statements of Work (SoWs) for red team services, ensuring they align with delivery capabilities and client expectations.
- Participate in scoping calls to gather and clarify engagement requirements and assist in translating them into deliverable-ready documents.
- Ensure alignment between red team delivery, client expectations, and contractual terms.
Client & Stakeholder Engagement Support
- Attend client calls (scoping, planning, debriefs) in a supporting capacity—documenting decisions, next steps, and action items.
- Coordinate feedback, QA processes, and delivery of final reports and documentation.
- Facilitate clear communication between clients, red team members, PMO, and sales.
Operational Development:
- Work with red team members and PMO to optimise internal workflows, team communications, and knowledge management.
- Track and report on engagement metrics such as QA outcomes, documentation timelines, and delivery consistency.
- Help streamline internal tools and documentation processes to support team efficiency and scalability.
Support & Collaboration
- Assist the technical lead in organising internal mentorship programs, training schedules, and knowledge sharing sessions.
- Track certifications, training completion, and team development initiatives.
- Coordinate onboarding processes and logistics for new red team members.
KEY REQUIREMENTS:
Required Skills & Experience:
- 3+ years in an operational, coordination, or technical support role in cyber security or a related technology field.
- Familiarity with red team or offensive security concepts, services, and delivery models.
- Experience supporting sales or pre-sales efforts through documentation or scoping support.
- Exceptional organisational and documentation skills.
- Strong communication skills, with the ability to interface across technical, sales, and client-facing teams.
- Proficient in tools such as Microsoft 365.
Preferred Qualifications:
- Experience with writing or contributing to Statements of Work, proposals, and project scoping documentation.
- Background supporting MSSP or consulting environments.
- Exposure to QA processes and documentation standards in technical or security teams.
- Understanding of compliance and security frameworks (PCI-DSS, ISO 27001, NIST, etc.).
WHAT SUCCESS LOOKS LIKE:
- Red team operations are seamless and consistent, with a clear separation between technical and administrative responsibilities.
- The technical lead is free to focus on fieldwork, technical QA, and team mentorship, while engagements are well-supported behind the scenes.
- Sales and PMO teams are supported with accurate, timely input for proposals, SoWs, and engagement planning.
- Clients experience smooth communication, timely deliverables, and consistently high-quality service.
Should you work from home, it is your responsibility to ensure that you have uninterrupted internet connectivity and a ‘work-like’ environment at your home location to deliver your best in terms of performance and productivity.
Cyber Security Lead - Red Team
Posted today
Cyber security lead - red team
Posted today
Information Security Management System (ISMS) Specialist
Posted 13 days ago
Job Description
Join to apply for the Information Security Management System (ISMS) Specialist role at Vector Logistics
Permanent
Midrand
Overview
We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.
But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.
Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.
Job Purpose
Information Security Management System (ISMS) Specialist is responsible for the end-to-end implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards. The incumbent will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets, while also ensuring compliance with legal and regulatory requirements.
Key Responsibilities
ISMS Development And Implementation
- Lead the design, implementation, and continuous improvement of an ISMS aligned with ISO/IEC 27001 and other relevant frameworks (e.g., NIST, POPIA, CIS, CSA etc.).
- Develop, implement, and maintain information security policies, procedures, and guidelines.
- Assess existing information security practices and recommend improvements.
- Ensure the organization's ISMS aligns with business needs, regulatory requirements, and industry best practices.
- Perform risk assessments to identify potential security risks to the organization's information assets in alignment to ISO 31000.
- Develop risk treatment plans and assist in the implementation of risk mitigation strategies.
- Conduct ongoing risk assessments and audits to ensure the effectiveness of the ISMS.
- Ensure compliance with ISO/IEC 27001 and other industry standards and regulations.
- Prepare the organization for certification audits and support the audit process.
- Coordinate with auditors and certification bodies.
- Maintain records and documentation to ensure traceability and compliance with ISMS requirements.
- Provide training to staff and management on information security best practices, policies, and compliance requirements.
- Promote a culture of information security awareness across the organization.
- Support the creation of an internal security awareness program.
- Assist in the development and testing of incident response plans.
- Provide guidance and support in handling information security incidents.
- Ensure incidents are documented and reported in accordance with regulatory and contractual obligations & assist in post-incident analysis to determine the cause and recommend preventive actions.
- Define and monitor ISMS-related KPIs and metrics.
- Monitor and report on the performance of the ISMS, identifying areas for improvement.
- Monitor compliance with security policies and procedures.
- Lead regular internal audits to assess the effectiveness of the ISMS.
- Recommend and implement improvements based on audit findings, risk assessments, and evolving industry practices.
- Keep up-to-date with emerging threats, vulnerabilities, and regulatory changes.
- Assess and monitor third-party vendors and service providers for information security compliance.
- Assist in the integration of ISMS controls into third-party contracts and SLAs.
Key Relationship 1
- This role plays a critical role in managing and maintaining relationships with both internal and external stakeholders.
- These interactions are essential for ensuring the organization’s security posture is robust and aligned with its strategic objectives.
Qualifications, Skills and Experience Required for the Job
- Bachelor’s Degree: A bachelor’s degree in information security, Computer Science, Information Technology, or a related field is required.
- Mandatory Requirement: ISO27001 Lead Implementer. Preferable: ISO27001 Lead Auditor, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)
- The ISMS Specialist role demands a robust combination of technical expertise, specialized knowledge, and strong leadership abilities. The ideal candidate must have an intrinsic understanding of the ISMS statement of applicability.
- The ideal candidate should possess in-depth knowledge of information security frameworks such as ISO/IEC 27001, NIST, and CIS Controls, be familiar with IT governance frameworks (e.g., COBIT, ITIL), and have extensive experience in risk management, incident response, and compliance, particularly with South African regulations like POPIA and the Cybercrimes Act.
- Soft skills such as excellent communication, adaptability, attention to detail, and ethical judgment are also vital, enabling the Information Security Compliance Specialist to convey complex security concepts, adapt to evolving threats, and uphold the highest standards of security and privacy within the organization. Experience in BIA, BCM and DR, as well as vulnerability management, patching and JML.
- Minimum of 7-10 years of experience in the field of information security, cybersecurity, or a related discipline, with at least 1-3 years in a managerial or leadership capacity. This experience should include hands-on management of security frameworks such as ISO/IEC 27001 and NIST, as well as significant exposure to risk management, incident response, and compliance with industry regulations.
- Proven experience of leading ISO/IEC 27001 certification projects and certification maintenance.
- Experience in working with ISO27001 certification bodies.
- Development of audit and ISMS remediation plans.
- Familiarity with data protection laws and industry regulations.
- Relevant professional certifications such as CISM, CRISC, or CISA, which validate their expertise in key areas of information security. Knowledge of security tools, including Microsoft Sentinel, Cybereason, and Microsoft Defender, is essential for managing the organization’s security posture effectively.
- Strategic Thinking: Ability to align security strategies with business objectives and anticipate future challenges.
- Technical Expertise: Knowledge of security frameworks, technologies, and tools, with strong proficiency in threat analysis and mitigation.
- People Management: Strong leadership skills to build, manage, and effectively leverage external resources.
- Decision-Making and Judgment: High discretion in making critical security decisions, balancing immediate needs with long-term goals.
- Collaboration and Communication: Excellent interpersonal skills for engaging with both technical and non-technical stakeholders and building strong relationships.
- Problem-Solving and Analytical Skills: Strong analytical abilities to assess and resolve complex security issues across organizational boundaries.
- Compliance and Regulatory Knowledge: In-depth understanding of relevant regulations and standards, ensuring ongoing compliance.
- Adaptability and Resilience: Ability to adapt to changing security landscapes and manage high-pressure situations.
- Ethical Integrity: Commitment to upholding the highest ethical standards in all security practices.
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Transportation, Logistics, Supply Chain and Storage
Information Security Management System (ISMS) Specialist
Posted 13 days ago
Job Description
Information Security Management System (ISMS) Specialist
Permanent
Midrand
Overview
We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.
But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.
Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.
Job Purpose
Information Security Management System (ISMS) Specialist is responsible for the end-to-end implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards. The incumbent will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets, while also ensuring compliance with legal and regulatory requirements.
Key Responsibilities
ISMS Development and Implementation:
- Lead the design, implementation, and continuous improvement of an ISMS aligned with ISO/IEC 27001 and other relevant frameworks (e.g., NIST, POPIA, CIS, CSA etc.).
- Develop, implement, and maintain information security policies, procedures, and guidelines.
- Assess existing information security practices and recommend improvements.
- Ensure the organization's ISMS aligns with business needs, regulatory requirements, and industry best practices.
Risk Assessment and Management:
- Perform risk assessments to identify potential security risks to the organization's information assets in alignment to ISO 31000.
- Develop risk treatment plans and assist in the implementation of risk mitigation strategies.
- Conduct ongoing risk assessments and audits to ensure the effectiveness of the ISMS.
Compliance and Audits:
- Ensure compliance with ISO/IEC 27001 and other industry standards and regulations.
- Prepare the organization for certification audits and support the audit process.
- Coordinate with auditors and certification bodies.
- Maintain records and documentation to ensure traceability and compliance with ISMS requirements.
Training and Awareness:
- Provide training to staff and management on information security best practices, policies, and compliance requirements.
- Promote a culture of information security awareness across the organization.
- Support the creation of an internal security awareness program.
Incident Response and Management:
- Assist in the development and testing of incident response plans.
- Provide guidance and support in handling information security incidents.
- Ensure incidents are documented and reported in accordance with regulatory and contractual obligations & assist in post-incident analysis to determine the cause and recommend preventive actions.
Continuous Improvement:
- Define and monitor ISMS-related KPIs and metrics.
- Monitor and report on the performance of the ISMS, identifying areas for improvement.
- Monitor compliance with security policies and procedures.
- Lead regular internal audits to assess the effectiveness of the ISMS.
- Recommend and implement improvements based on audit findings, risk assessments, and evolving industry practices.
- Keep up-to-date with emerging threats, vulnerabilities, and regulatory changes.
Vendor and Third-Party Risk Management:
- Assess and monitor third-party vendors and service providers for information security compliance.
- Assist in the integration of ISMS controls into third-party contracts and SLAs.
Key Relationships
Key Relationship 1
- This role plays a critical role in managing and maintaining relationships with both internal and external stakeholders.
- These interactions are essential for ensuring the organization’s security posture is robust and aligned with its strategic objectives.
Qualifications, Skills and Experience Required for the Job
Qualifications and Experience
- Bachelor’s Degree: A bachelor’s degree in information security, Computer Science, Information Technology, or a related field is required.
- Mandatory Requirement: ISO27001 Lead Implementer
- Preferable: ISO27001 Lead Auditor, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)
- The ISMS Specialist role demands a robust combination of technical expertise, specialized knowledge, and strong leadership abilities. The ideal candidate must have an intrinsic understanding of the ISMS statement of applicability.
- The ideal candidate should possess in-depth knowledge of information security frameworks such as ISO/IEC 27001, NIST, and CIS Controls, be familiar with IT governance frameworks (e.g., COBIT, ITIL), and have extensive experience in risk management, incident response, and compliance, particularly with South African regulations like POPIA and the Cybercrimes Act.
- Soft skills such as excellent communication, adaptability, attention to detail, and ethical judgment are also vital, enabling the Information Security Compliance Specialist to convey complex security concepts, adapt to evolving threats, and uphold the highest standards of security and privacy within the organization. Experience in BIA, BCM and DR, as well as vulnerability management, patching and JML.
- Minimum of 7-10 years of experience in the field of information security, cybersecurity, or a related discipline, with at least 1-3 years in a managerial or leadership capacity. This experience should include hands-on management of security frameworks such as ISO/IEC 27001 and NIST, as well as significant exposure to risk management, incident response, and compliance with industry regulations.
- Proven experience of leading ISO/IEC 27001 certification projects and certification maintenance.
- Experience in working with ISO27001 certification bodies.
- Development of audit and ISMS remediation plans.
- Familiarity with data protection laws and industry regulations.
- Relevant professional certifications such as CISM, CRISC, or CISA, which validate their expertise in key areas of information security. Knowledge of security tools, including Microsoft Sentinel, Cybereason, and Microsoft Defender, is essential for managing the organization’s security posture effectively.
Skills and Competencies
- Strategic Thinking: Ability to align security strategies with business objectives and anticipate future challenges.
- Technical Expertise: Knowledge of security frameworks, technologies, and tools, with strong proficiency in threat analysis and mitigation.
- People Management: Strong leadership skills to build, manage, and effectively leverage external resources.
- Decision-Making and Judgment: High discretion in making critical security decisions, balancing immediate needs with long-term goals.
- Collaboration and Communication: Excellent interpersonal skills for engaging with both technical and non-technical stakeholders and building strong relationships.
- Problem-Solving and Analytical Skills: Strong analytical abilities to assess and resolve complex security issues across organizational boundaries.
- Compliance and Regulatory Knowledge: In-depth understanding of relevant regulations and standards, ensuring ongoing compliance.
- Adaptability and Resilience: Ability to adapt to changing security landscapes and manage high-pressure situations.
- Ethical Integrity: Commitment to upholding the highest ethical standards in all security practices.
We look forward to hearing from you!
Information security management system (isms) specialist
Posted today