103 Security Managers jobs in South Africa

Information Security Management System (ISMS) Specialist

Midrand, Gauteng Vector Logistics

Posted today

Job Description

Permanent

Midrand

Overview

We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.

But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.

Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.

Job Purpose

The Information Security Management System (ISMS) Specialist is responsible for the end-to-end implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards. The incumbent will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets, while also ensuring compliance with legal and regulatory requirements.

Key Responsibilities

ISMS Development And Implementation

  • Lead the design, implementation, and continuous improvement of an ISMS aligned with ISO/IEC 27001 and other relevant frameworks (e.g., NIST, POPIA, CIS, CSA etc.).
  • Develop, implement, and maintain information security policies, procedures, and guidelines.
  • Assess existing information security practices and recommend improvements.
  • Ensure the organization's ISMS aligns with business needs, regulatory requirements, and industry best practices.

Risk Assessment And Management

  • Perform risk assessments to identify potential security risks to the organization's information assets in alignment to ISO 31000.
  • Develop risk treatment plans and assist in the implementation of risk mitigation strategies.
  • Conduct ongoing risk assessments and audits to ensure the effectiveness of the ISMS.

Compliance And Audits

  • Ensure compliance with ISO/IEC 27001 and other industry standards and regulations.
  • Prepare the organization for certification audits and support the audit process.
  • Coordinate with auditors and certification bodies.
  • Maintain records and documentation to ensure traceability and compliance with ISMS requirements.

Training And Awareness

  • Provide training to staff and management on information security best practices, policies, and compliance requirements.
  • Promote a culture of information security awareness across the organization.
  • Support the creation of an internal security awareness program.

Incident Response And Management

  • Assist in the development and testing of incident response plans.
  • Provide guidance and support in handling information security incidents.
  • Ensure incidents are documented and reported in accordance with regulatory and contractual obligations & assist in post-incident analysis to determine the cause and recommend preventive actions.

Continuous Improvement

  • Define and monitor ISMS-related KPIs and metrics.
  • Monitor and report on the performance of the ISMS, identifying areas for improvement.
  • Monitor compliance with security policies and procedures.
  • Lead regular internal audits to assess the effectiveness of the ISMS.
  • Recommend and implement improvements based on audit findings, risk assessments, and evolving industry practices.
  • Keep up-to-date with emerging threats, vulnerabilities, and regulatory changes.

Vendor And Third-Party Risk Management

  • Assess and monitor third-party vendors and service providers for information security compliance.
  • Assist in the integration of ISMS controls into third-party contracts and SLAs.

Key Relationships

Key Relationship 1

  • This role is critical in managing and maintaining relationships with both internal and external stakeholders.
  • These interactions are essential for ensuring the organization’s security posture is robust and aligned with its strategic objectives.

Qualifications And Experience

Qualifications, Skills and Experience Required for the Job

  • Bachelor’s Degree: A bachelor’s degree in information security, Computer Science, Information Technology, or a related field is required.
  • Mandatory Requirement: ISO27001 Lead Implementer. Preferable: ISO27001 Lead Auditor, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA).
  • The ISMS Specialist role demands a robust combination of technical expertise, specialized knowledge, and strong leadership abilities. The ideal candidate must have an intrinsic understanding of the ISMS statement of applicability.
  • The ideal candidate should possess in-depth knowledge of information security frameworks such as ISO/IEC 27001, NIST, and CIS Controls, familiarity with IT governance frameworks (e.g., COBIT, ITIL), and extensive experience in risk management, incident response, and compliance, particularly with South African regulations like POPIA and the Cybercrimes Act.
  • Soft skills such as excellent communication, adaptability, attention to detail, and ethical judgment are also vital, enabling the Information Security Compliance Specialist to convey complex security concepts, adapt to evolving threats, and uphold the highest standards of security and privacy within the organization. Experience in BIA, BCM, DR. Include experience in vulnerability management, patching, JML.
  • Minimum of 7-10 years of experience in the field of information security, cybersecurity, or a related discipline, with at least 1-3 years in a managerial or leadership capacity. This experience should include hands-on management of security frameworks such as ISO/IEC 27001 and NIST, as well as significant exposure to risk management, incident response, and compliance with industry regulations.
  • Proven experience of leading ISO/IEC 27001 certification projects and certification maintenance.
  • Experience in working with ISO27001 certification bodies.
  • Development of audit and ISMS remediation plans.
  • Familiarity with data protection laws and industry regulations.
  • Relevant professional certifications such as CISM, CRISC, or CISA, which validate their expertise in key areas of information security. Knowledge of security tools, including Microsoft Sentinel, CyberReason, and Microsoft Defender, is essential for managing the organization’s security posture effectively.

Skills and Competencies

  • Strategic Thinking: Ability to align security strategies with business objectives and anticipate future challenges.
  • Technical Expertise: Knowledge of security frameworks, technologies, and tools, with strong proficiency in threat analysis and mitigation.
  • People Management: Strong leadership skills to build, manage, and effectively leverage external resources.
  • Decision-Making and Judgment: High discretion in making critical security decisions, balancing immediate needs with long-term goals.
  • Collaboration and Communication: Excellent interpersonal skills for engaging with both technical and non-technical stakeholders and building strong relationships.
  • Problem-Solving and Analytical Skills: Strong analytical abilities to assess and resolve complex security issues across organizational boundaries.
  • Compliance and Regulatory Knowledge: In-depth understanding of relevant regulations and standards, ensuring ongoing compliance.
  • Adaptability and Resilience: Ability to adapt to changing security landscapes and manage high-pressure situations.
  • Ethical Integrity: Commitment to upholding the highest ethical standards in all security practices

We look forward to hearing from you!

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Transportation, Logistics, Supply Chain and Storage


Information Security Management System (ISMS) Specialist

Midrand, Gauteng Vector Logistics Limited

Posted 1 day ago

Job Description

Permanent

Midrand

Overview

We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled network in Southern Africa.

But we are also more than that. We are people serving people. While we boast the best in tech and infrastructure, our people are our greatest resource. With our skilled, curious, can-do people at the forefront, our assets become your assets, our service your solutions.

Vector’s vehicle fleet includes a food industry first in ‘multi-temperature’ vehicles enabling the company to service business across frozen, chilled and ambient temperature zones on a single delivery.

Job Purpose
The Information Security Management System (ISMS) Specialist is responsible for the end-to-end implementation, maintenance, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 standards. The incumbent will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets, while also ensuring compliance with legal and regulatory requirements.

Key Responsibilities

ISMS Development and Implementation:

  • Lead the design, implementation, and continuous improvement of an ISMS aligned with ISO/IEC 27001 and other relevant frameworks (e.g., NIST, POPIA, CIS, CSA etc.).
  • Develop, implement, and maintain information security policies, procedures, and guidelines.
  • Assess existing information security practices and recommend improvements.
  • Ensure the organization's ISMS aligns with business needs, regulatory requirements, and industry best practices.

Risk Assessment and Management:

  • Perform risk assessments to identify potential security risks to the organization's information assets in alignment to ISO 31000.
  • Develop risk treatment plans and assist in the implementation of risk mitigation strategies.
  • Conduct ongoing risk assessments and audits to ensure the effectiveness of the ISMS.

Compliance and Audits:

  • Ensure compliance with ISO/IEC 27001 and other industry standards and regulations.
  • Prepare the organization for certification audits and support the audit process.
  • Coordinate with auditors and certification bodies.
  • Maintain records and documentation to ensure traceability and compliance with ISMS requirements.

Training and Awareness:

  • Provide training to staff and management on information security best practices, policies, and compliance requirements.
  • Promote a culture of information security awareness across the organization.
  • Support the creation of an internal security awareness program.

Incident Response and Management:

  • Assist in the development and testing of incident response plans.
  • Provide guidance and support in handling information security incidents.
  • Ensure incidents are documented and reported in accordance with regulatory and contractual obligations & assist in post-incident analysis to determine the cause and recommend preventive actions.

Continuous Improvement:

  • Define and monitor ISMS-related KPIs and metrics.
  • Monitor and report on the performance of the ISMS, identifying areas for improvement.
  • Monitor compliance with security policies and procedures.
  • Lead regular internal audits to assess the effectiveness of the ISMS.
  • Recommend and implement improvements based on audit findings, risk assessments, and evolving industry practices.
  • Keep up-to-date with emerging threats, vulnerabilities, and regulatory changes.

Vendor and Third-Party Risk Management:

  • Assess and monitor third-party vendors and service providers for information security compliance.
  • Assist in the integration of ISMS controls into third-party contracts and SLAs.

Key Relationships

Key Relationship 1

  • This role is critical in managing and maintaining relationships with both internal and external stakeholders.
  • These interactions are essential for ensuring the organization’s security posture is robust and aligned with its strategic objectives.

Qualifications, Skills and Experience Required for the Job

Qualifications and Experience

  • Bachelor’s Degree: A bachelor’s degree in information security, Computer Science, Information Technology, or a related field is required.
  • Mandatory Requirement: ISO27001 Lead Implementer
    Preferable: ISO27001 Lead Auditor, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)
  • The ISMS Specialist role demands a robust combination of technical expertise, specialized knowledge, and strong leadership abilities. The ideal candidate must have an intrinsic understanding of the ISMS statement of applicability.
  • The ideal candidate should possess in-depth knowledge of information security frameworks such as ISO/IEC 27001, NIST, and CIS Controls, familiarity with IT governance frameworks (e.g., COBIT, ITIL), and extensive experience in risk management, incident response, and compliance, particularly with South African regulations like POPIA and the Cybercrimes Act.
  • Soft skills such as excellent communication, adaptability, attention to detail, and ethical judgment are also vital, enabling the Information Security Compliance Specialist to convey complex security concepts, adapt to evolving threats, and uphold the highest standards of security and privacy within the organization. Experience in BIA, BCM, DR. Include experience in vulnerability management, patching, JML.
  • Minimum of 7-10 years of experience in the field of information security, cybersecurity, or a related discipline, with at least 1-3 years in a managerial or leadership capacity. This experience should include hands-on management of security frameworks such as ISO/IEC 27001 and NIST, as well as significant exposure to risk management, incident response, and compliance with industry regulations.
  • Proven experience of leading ISO/IEC 27001 certification projects and certification maintenance.
  • Experience in working with ISO27001 certification bodies.
  • Development of audit and ISMS remediation plans.
  • Familiarity with data protection laws and industry regulations.
  • Relevant professional certifications such as CISM, CRISC, or CISA, which validate their expertise in key areas of information security. Knowledge of security tools, including Microsoft Sentinel, CyberReason, and Microsoft Defender, is essential for managing the organization’s security posture effectively.

Skills and Competencies

  • Strategic Thinking: Ability to align security strategies with business objectives and anticipate future challenges.
  • Technical Expertise: Knowledge of security frameworks, technologies, and tools, with strong proficiency in threat analysis and mitigation.
  • People Management: Strong leadership skills to build, manage, and effectively leverage external resources.
  • Decision-Making and Judgment: High discretion in making critical security decisions, balancing immediate needs with long-term goals.
  • Collaboration and Communication: Excellent interpersonal skills for engaging with both technical and non-technical stakeholders and building strong relationships.
  • Problem-Solving and Analytical Skills: Strong analytical abilities to assess and resolve complex security issues across organizational boundaries.
  • Compliance and Regulatory Knowledge: In-depth understanding of relevant regulations and standards, ensuring ongoing compliance.
  • Adaptability and Resilience: Ability to adapt to changing security landscapes and manage high-pressure situations.
  • Ethical Integrity: Commitment to upholding the highest ethical standards in all security practices

We look forward to hearing from you!


Divisional Head: Security Integrity Management

Gauteng, Gauteng South African Reserve Bank

Posted 15 days ago

Job Description

Job title: Divisional Head: Security Integrity Management

Organisation: Security Integrity Management Division

Department: Group Security Management Department

The main purpose of this position is to provide leadership and strategic direction as well as manage the provision of security integrity management services within the SARB Group. This includes the provision and oversight of security investigations, security personnel vetting, project security, due diligence and integrity management.

Detailed description

The successful candidate will be responsible for the following key performance areas:

• Oversee the functions of the division (i.e. security investigations, security personnel vetting, project security, due diligence and integrity management) to ensure effective delivery.

• Provide input into the departmental strategy and policy in line with the South African Reserve Bank’s (SARB) strategy, and communicate and clarify the vision and strategic goals of the department to own team.

• Develop and implement policies for the division in line with the departmental strategy.

• Develop and implement the divisional operational plan to ensure strategic and operational objectives are achieved.

• Ensure compliance with policy, procedures and audit findings to mitigate risk in the division.

• Oversee the management of all personnel and resources allocated to the division.

• Create a performance culture in the division, define performance expectations and conduct effective performance management of direct reports.

• Oversee the prioritisation of work and resource utilisation.

• Oversee the divisional costs, ensuring alignment with related functions and the organisational value chain.

• Oversee and authorise the provision of management information for decision-making purposes.

• Collaborate with senior leadership to develop and enforce security policies and procedures that align with organisational goals and industry best practices.

• Provide expert guidance on security matters to project teams and stakeholders, ensuring that security considerations are integrated into project planning and execution.

• Develop and provide reports on due diligence and personnel risk to senior management and relevant committees.

Job requirements

To be considered for this position, candidates must have:

• an Honours degree/Postgraduate Diploma (NQF8) in Internal Audit, Risk Management, Social Science (Psychology/Sociology/Criminology) or an equivalent qualification;

• a minimum of 10 years’ experience in security and/or security risk management with at least five years in a senior management position; and

• sound knowledge and experience in areas such as security investigations, personnel security vetting, project security, due diligence and integrity management, and stakeholder engagement.

The following would be an added advantage:

• successfully completed a Senior Management Development Programme.

Additional requirements include:

• strategic thinking;

• building and maintaining trust;

• developing and empowering others;

• fostering diversity and inclusion;

• leading teams through effective communication and collaboration;

• managing complexity and ambiguity;

• building and maintaining relationships;

• a drive for results; and

• sound judgement and decision-making skills.

This position will be advertised internally and externally. Recruitment agencies will be consulted, and referrals will also be accepted.

How to apply

All interested parties are invited to apply.

Internal applicants MUST apply through the HCM Cloud Solution.

Follow these links:

• Under Current Jobs, click on Search Jobs, then select the job you want to apply for.

External applicants MUST apply online, via .

All available vacancies will be visible.

Follow these links:

• Click on WORK @ SARB (Career opportunities).

• Under Latest vacancies, scroll to ‘For more vacancies click here’ and click on here.

• Click on All jobs.

• Select the job you want to apply for.

− Is this your first visit to our Job Site? > Register today (Ensure that you include all your skills and qualifications during the registration process.); or

− Already registered on our Job Site? > Already registered? > Login here.

Do not enclose copies of your identity document or qualifications with your application.

Shortlisted applicants will be subjected to a psychometric assessment, an appropriate reference check and a security clearance as part of the selection process.

The closing date for applications is 6 August 2025. Late applications will not be considered.

In line with the SARB’s commitment to diversifying its workforce, preference will be given to suitable candidates from designated groups. People with disabilities are welcome to apply.

The SARB offers remuneration and benefits commensurate with the level of the position and in line with the market. The level at which the successful applicant will be appointed will depend on his/her competence and experience.

Human Resources Department

  • Seniority level: Executive
  • Employment type: Full-time
  • Job function: Strategy/Planning, Analyst, and Accounting/Auditing
  • Industries: Banking, Financial Services, and Security and Investigations


Director: Information Security (P5) (Information & Communication Systems: Management Informatio[...]

Johannesburg, Gauteng University of Johannesburg

Posted 18 days ago

Job Description

Director: Information Security (P5) (Information & Communication Systems: Management Information Systems)

Advert reference: uj_001817

Advert status: Online

Apply by: 21 February 2025

Position Summary

Job category: Education and Training

Campus: Auckland Park Kingsway Campus

Contract: Permanent

Remuneration: Market Related

EE position: EE

Introduction

The University of Johannesburg (UJ) is a vibrant and cosmopolitan university, anchored in Africa and driven by a powerful strategy focused on attaining global excellence and stature (GES). With an emphasis on independent thinking, sustainable development, and strategic partnerships, UJ is an international university of choice. The University is guided by the Vice-Chancellor’s vision of “Positioning UJ in the Fourth Industrial Revolution (4IR) for societal impact in the context of the changing social, political, and economic fortunes of Africa”.

Reporting to the Chief Information Officer within the Information and Communications Systems (ICS) Department, the Director of Information Security Management will be responsible for developing and implementing security strategies, policies and procedures to protect the organisation's data, systems and technology infrastructure from cyber threats and vulnerabilities. Upon joining the Department, you will:

  • Be situated at the Auckland Park Kingsway Campus, but not excluded from supporting all campuses.
  • Fulfil management, leadership, technical and administrative roles in the Department.
Responsibilities:

If you join the Department, you will:

  • Establish an Information Security Management and Protection Framework for developing and implementing an effective enterprise-wide Information Security Governance and Strategy Programme.
  • Define a Cybersecurity strategy and operating model aligned with UJ business objectives with a clear, tracked and measurable cybersecurity plan.
  • Assume responsibility for UJ's information security and compliance programme, building and leading a high-performing cybersecurity and compliance team and advisory consultancy to business and IT domain leaders.
  • Manage the day-to-day activities, including policies, procedures, training and communication regarding the Information Governance Programme.
  • Perform regular IT Security Maturity Assessments for the respective UJ IT areas, including people, processes and technologies.
  • Lead the security documentation process to ensure progress and auditability.
  • Lead the implementation of a secure system development life cycle.
  • Develop, implement and maintain IT security policies, procedures, standards and practices to ensure conformance with generally accepted practices and mandatory legislation / regulations.
  • Conduct information assets security risk assessment.
  • Lead the implementation and monitoring of information and data quality standards, policies and procedures.
  • Oversee the selection, deployment and validation of IT Information security controls to ensure that security and compliance requirements are met.
  • Ensure that information security threats are identified, detected, responded to, recovered from and followed up on.
  • Ensure that security programmes comply with relevant laws, regulations and policies to minimise or eliminate risk and audit findings.
  • Integrate an Information and Cyber Security Risk Management Framework.
  • Present regular reports to UJ executives and auditors on the cybersecurity status of the organisation.
  • Collaborate with key stakeholders to proactively identify local issues and areas of risk that impact data quality, availability, and confidentiality. Implement preventive measures and remedial action when required.
  • Conduct security audits to identify gaps and implement controls to mitigate risks.
Minimum Qualifications:
  • Degree or any relevant qualification (NQF 8).
  • 5 to 8 years of management experience in Information Security Management.
  • Information security, project management and IT service management experience.
  • Outsourced services and management of commercial partners.
  • Managing strategic change in a dynamic operating environment.
  • Translating broad business needs and understanding the key drivers of enterprise applications.
  • Risk assessment and mitigation risk-related industry-standard qualifications such as CISA, CISM or CISSP.
Competencies and Behavioural Attributes:

Skills:

  • Good interpersonal and communication skills (verbal and written).
  • Ability to maintain sound human relations and transfer skills and knowledge.
  • Strong decision making and budget control skills.
  • Strong Risk management and Cyber security awareness.
  • IT Policies and Procedures.
  • Collaborating with business managers to determine and deliver value adding IT solutions.
  • Ability to manage a multi technology technical support team.
  • Knowledge of the latest Information security technologies.
  • Firewall standards and protocols.
  • Project Management.
Enquiries:

Enquiries regarding the job content: Ms Maletsema Phofu on Tel: (

Your application, comprising a detailed Curriculum Vitae as well as the names and full contact details (including telephone numbers and e-mail addresses) of at least three traceable and credible referees, must be uploaded before or on the closing date of the advertised post. Please also attach the following: a copy of your highest academic qualification, proof of registration with professional bodies you might belong to and, if applying for an academic position, a list of accredited research output and/or a portfolio of your creative output.

Please note that the University is obligated, in terms of recent amendments to the Criminal Law (Sexual Offences and Related Matters) Amendment Act 2021 (Act 13 of 2021), to assess all prospective employees (including applicants) against the National Register for Sex Offenders (NRSO). The outcome of such an assessment may have an impact upon possible employment with the University.

For more information, please review the following link: Justice/Criminal/NRSO.

Candidates may be subjected to appropriate psychometric testing and other selection instruments.

In conjunction to merit on the basis of qualifications, experience and proven achievements the University of Johannesburg is committed to providing equal employment opportunities for persons with disabilities and those individuals from the historically disadvantaged groups. As necessitated by operational requirements the University reserves the right not to make an appointment to positions advertised. If you have not received a response from the University within 8 weeks of the closing date, you should assume that your application has been unsuccessful.


Director: Information Security (P5) (Information & Communication Systems: Management Informatio[...]

Johannesburg, Gauteng University of Johannesburg

Posted today

Job Description

Director: Information Security (P5) (Information & Communication Systems: Management Information Systems)

Advert reference: uj_001817

Advert status: Online

Apply by: 21 February 2025

Position Summary

Job category: Education and Training

Campus: Auckland Park Kingsway Campus

Contract: Permanent

Remuneration: Market Related

EE position: EE

Introduction

The University of Johannesburg (UJ) is a vibrant and cosmopolitan university, anchored in Africa and driven by a powerful strategy focused on attaining global excellence and stature (GES). With an emphasis on independent thinking, sustainable development, and strategic partnerships, UJ is an international university of choice. The University is guided by the Vice-Chancellor’s vision of “Positioning UJ in the Fourth Industrial Revolution (4IR) for societal impact in the context of the changing social, political, and economic fortunes of Africa”.

Reporting to the Chief Information Officer within the Information and Communications Systems (ICS) Department, the Director of Information Security Management will be responsible for developing and implementing security strategies, policies and procedures to protect the organisation's data, systems and technology infrastructure from cyber threats and vulnerabilities. Upon joining the Department, you will:

  • Be situated at the Auckland Park Kingsway Campus, but not excluded from supporting all campuses.
  • Fulfil management, leadership, technical and administrative roles in the Department.

Responsibilities:

If you join the Department, you will:

  • Establish an Information Security Management and Protection Framework for developing and implementing an effective enterprise-wide Information Security Governance and Strategy Programme.
  • Define a Cybersecurity strategy and operating model aligned with UJ business objectives with a clear, tracked and measurable cybersecurity plan.
  • Assume responsibility for UJ's information security and compliance programme, building and leading a high-performing cybersecurity and compliance team and advisory consultancy to business and IT domain leaders.
  • Manage the day-to-day activities, including policies, procedures, training and communication regarding the Information Governance Programme.
  • Perform regular IT Security Maturity Assessments for the respective UJ IT areas, including people, processes and technologies.
  • Lead the security documentation process to ensure progress and auditability.
  • Lead the implementation of a secure system development life cycle.
  • Develop, implement and maintain IT security policies, procedures, standards and practices to ensure conformance with generally accepted practices and mandatory legislation / regulations.
  • Conduct information assets security risk assessment.
  • Lead the implementation and monitoring of information and data quality standards, policies and procedures.
  • Oversee the selection, deployment and validation of IT Information security controls to ensure that security and compliance requirements are met.
  • Ensure that information security threats are identified, detected, responded to, recovered from and followed up on.
  • Ensure security programmes comply with relevant laws, regulations and policies to minimise or eliminate risk and audit findings.
  • Integrate an Information and Cyber Security Risk Management Framework.
  • Present regular reports to UJ executives and auditors on the cybersecurity status of the organisation.
  • Collaborate with key stakeholders to proactively identify local issues and areas of risk that impact data quality, availability, and confidentiality. Implement preventive measures and remedial action when required.
  • Conduct security audits to identify gaps and implement controls to mitigate risks.

Minimum Qualifications:

  • Degree or any relevant qualification (NQF 8).
  • 5 to 8 years of management experience in Information Security Management.
  • Information security, project management and IT service management experience.
  • Outsourced services and management of commercial partners.
  • Managing strategic change in a dynamic operating environment.
  • Translating broad business needs and understanding the key drivers of enterprise applications.
  • Risk assessment and mitigation risk-related industry-standard qualifications such as CISA, CISM or CISSP.

Competencies and Behavioural Attributes:

Skills:

  • Good interpersonal and communication skills (verbal and written).
  • Ability to maintain sound human relations and transfer skills and knowledge.
  • Strong decision making and budget control skills.
  • Strong Risk management and Cyber security awareness.
  • IT Policies and Procedures.
  • Collaborating with business managers to determine and deliver value adding IT solutions.
  • Ability to manage a multi technology technical support team.
  • Knowledge of the latest Information security technologies.
  • Firewall standards and protocols.
  • Project Management.

Enquiries:

Enquiries regarding the job content: Ms Maletsema Phofu on Tel: (

Your application, comprising a detailed Curriculum Vitae as well as the names and full contact details (including telephone numbers and e-mail addresses) of at least three traceable and credible referees, must be uploaded before or on the closing date of the advertised post. Please also attach the following: a copy of your highest academic qualification, proof of registration with professional bodies you might belong to and, if applying for an academic position, a list of accredited research output and/or a portfolio of your creative output.

Please note that the University is obligated, in terms of recent amendments to the Criminal Law (Sexual Offences and Related Matters) Amendment Act 2021 (Act 13 of 2021), to assess all prospective employees (including applicants) against the National Register for Sex Offenders (NRSO). The outcome of such an assessment may have an impact upon possible employment with the University.

For more information, please review the following link: Justice/Criminal/NRSO.

Candidates may be subjected to appropriate psychometric testing and other selection instruments.

In conjunction with merit on the basis of qualifications, experience and proven achievements, the University of Johannesburg is committed to providing equal employment opportunities for persons with disabilities and those individuals from the historically disadvantaged groups. As necessitated by operational requirements, the University reserves the right not to make an appointment to positions advertised. If you have not received a response from the University within 8 weeks of the closing date, you should assume that your application has been unsuccessful.

Information Security Engineer

Sandton, Gauteng LZ Security & Service GmbH

Posted 18 days ago

Job Description

A Security Engineer is a crucial member of an organization’s IT team, specializing in safeguarding digital assets and maintaining the security posture of the company. They work to design, implement, and manage security measures to protect against cyber threats, unauthorized access, and data breaches.

Key Responsibilities:

Security Infrastructure Design:

  • Design and implement security infrastructure, including firewalls, intrusion detection systems, and encryption protocols.
  • Evaluate and recommend security products and technologies to enhance the organization’s security posture.

Incident Response and Monitoring:

  • Monitor network traffic for suspicious activity and potential security breaches.
  • Develop and maintain incident response plans and procedures to mitigate security incidents.
  • Investigate security incidents, determine the root cause, and implement corrective actions.

Vulnerability Assessment and Penetration Testing:

  • Conduct regular security assessments to identify vulnerabilities in systems and applications.
  • Perform penetration tests to simulate cyberattacks and assess the organization’s readiness.

Access Control and Authentication:

  • Manage user access controls and authentication mechanisms.
  • Implement and maintain multi-factor authentication (MFA) solutions.

Security Policies and Compliance:

  • Develop and enforce security policies, standards, and procedures.
  • Ensure compliance with industry regulations (e.g., GDPR, HIPAA, PCI DSS) and best practices.

Security Awareness and Training:

  • Conduct security awareness programs and training for employees.
  • Keep the organization informed about emerging threats and security best practices.

Security Patch Management:

  • Manage and coordinate the timely installation of security patches and updates.
  • Maintain an inventory of software and hardware assets.

Encryption and Data Protection:

  • Implement encryption mechanisms to protect sensitive data at rest and in transit.
  • Ensure the confidentiality and integrity of data through encryption and access controls.

Qualifications:

  • Bachelor’s degree in computer science, information security, or a related field (or equivalent experience).
  • Relevant industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), or equivalent.
  • Proven experience in information security roles, including network security, system security, or application security.
  • Strong knowledge of security technologies, protocols, and tools.
  • Understanding of risk management principles and methodologies.
  • Proficiency in scripting and programming languages (e.g., Python, PowerShell) for automation and analysis.
  • Familiarity with cloud security concepts (e.g., AWS, Azure, Google Cloud).
  • Excellent problem-solving and analytical skills.
  • Effective communication and teamwork abilities.

Preferred Skills:

  • Experience with security information and event management (SIEM) systems.
  • Knowledge of threat intelligence and threat hunting techniques.
  • Experience with secure coding practices and application security assessments.
  • Familiarity with network and web application firewalls.
  • Understanding of security-related regulations and compliance standards.
  • Security Engineers typically work in an office environment but may need to respond to security incidents outside regular business hours.
  • The role may involve occasional travel to remote offices or data centers.

Security Engineers play a pivotal role in maintaining the confidentiality, integrity, and availability of an organization’s information assets. They are instrumental in protecting against cyber threats and ensuring compliance with industry regulations and security best practices.

Officer, Information Security

Johannesburg, Gauteng Standard Bank Group

Posted 1 day ago

Job Description

Company Description

Standard Bank Group is a leading Africa-focused financial services group and an innovative player on the global stage. We offer a variety of career-enhancing opportunities and the chance to work alongside talented, motivated professionals. Our clients range from individuals to businesses of all sizes, high net worth families, and large multinational corporates and institutions. We are passionate about creating growth in Africa, bringing meaningful value to our clients and communities, and creating a sense of purpose for our employees.

Job Description

To implement the Group Cyber Resilience strategy by securing platforms, ecosystems, and third-party integrations; protecting sensitive data, applications, and infrastructure from infiltration or misuse; guiding security capabilities in client segments and solutions. Facilitate security services ensuring policies, standards, and controls are embedded to prevent losses and ensure regulatory compliance. Educate employees about their InfoSec responsibilities.

  • Alert responsible stakeholders of non-compliance with Cyber Resilience Policies and Standards, and collaborate on remediation plans and solutions.
  • Assess information security maturity scores, guide implementation for awareness and prioritization, and monitor compliance with standards.
  • Collaborate with feature teams, product owners, architecture, IT, vendors, and other stakeholders to investigate risk controls.
  • Work with threat intelligence, cybersecurity, security engineering, and other risk functions to develop and maintain a holistic security strategy and remediation plans.
  • Communicate and raise awareness of policies within business, technology, and risk communities.

Qualifications

  • Degree in Business, Commerce, Information Technology, or Risk Management (minimum)
  • Post Graduate Degree in Business, Commerce, or Information Technology (preferred)

Experience Required: Cyber Security

  • 5-7 years in an information security or audit role within banking or financial services. Experience with multi-vendor, outsourced, and multi-system IT environments.
  • 5-7 years of knowledge and experience with implementing and managing information security policies and frameworks in a corporate environment. Management experience with diverse teams.
  • 5-7 years of strong IT understanding, insights into digital and platform operating models, and current cybersecurity trends and solutions.

Behavioural Competencies:

  • Adopting Practical Approaches
  • Articulating Information
  • Checking Things
  • Directing People
  • Examining Information

Technical Competencies:

  • Benefits Management
  • Information Security
  • Internal & External IT Environment
  • IT Risk Management
  • Knowledge of Banking & Financial Services

Information Security Officer

Cape Town, Western Cape Eqplus

Posted 1 day ago

Job Description

A high-growth fintech backed by global investors is building world-class payment infrastructure across Africa. The company helps global brands succeed in South Africa by reducing payment friction, increasing reliability and ensuring regulatory compliance.

Their clients include leading enterprises and globally recognised brands. With scale and security at the heart of their mission, they're shaping how the world does business on the continent.

Role Overview

As the Information Security Officer, you will lead the company's information security function as it grows its enterprise and global client base. You'll design and implement fit-for-purpose security strategies that support compliance, protect data and enable innovation in a fast-paced environment.

Reporting to the VP of Engineering, this cross-functional role supports engineering, compliance, operations and leadership teams.

Key Responsibilities

  • Own and maintain the information security roadmap and risk register
  • Implement security policies across infrastructure, applications and endpoints
  • Support teams in embedding security-by-design into the SDLC
  • Lead compliance audits and assessments (e.g. PCI DSS, ISO 27001, SOC 2)
  • Coordinate vulnerability assessments, penetration testing and risk modelling
  • Develop and maintain incident response procedures
  • Promote security awareness across the organisation
  • Manage internal IT security needs (cloud MDM, Google Workspace, password policies)
  • Support client security reviews and enterprise procurement processes
  • Stay informed on relevant threats and regulatory changes

Challenges You'll Tackle

  • Scaling security in a startup environment without slowing delivery
  • Aligning security across teams and technologies
  • Meeting evolving regulatory and enterprise standards across jurisdictions

Ideal Candidate Profile

  • 4 years of experience in information security, preferably in fintech
  • Proven experience managing PCI DSS compliance
  • Strong understanding of governance, risk and compliance (GRC)
  • Familiarity with ISO 27001 and SOC 2 implementation
  • Cloud infrastructure experience (preferably AWS)
  • Skilled in secure coding and data protection principles
  • Excellent communication and stakeholder engagement skills
  • Hands-on, pragmatic mindset with an interest in building secure systems from the ground up

Required Experience:

Unclear Seniority

Key Skills

International Development, Information Systems, Community, Information Technology Sales, Corporate Recruitment

Employment Type: Contract

Experience: years

Vacancy: 1

Information Security Consultant

Cape Town, Western Cape iLaunch (Pty) Ltd

Posted 4 days ago

Job Description

Our client, a leading financial services firm, is seeking an Information Security Consultant to join their team on a permanent basis.

Responsibilities

  • Security Auditing
  • Responsible for Security tools monitoring
  • Network experience (TCP/IP, Firewalls, IPS, NAC)
  • Operating System management and Hardening
  • Anti-Virus System management and Configuration
  • Logical Access Management
  • Vulnerability Management

Minimum Requirements

  • Matric and an Information Technology diploma or degree qualification
  • 4+ years experience in the field

Package & Remuneration

Salary: Market Related

Information Security Specialist

Johannesburg, Gauteng Kpmg-Southafrica

Posted 6 days ago

Job Description

The KPMG Africa Information Security Specialist is responsible for ensuring the confidentiality, integrity, and availability of all systems across KPMG Africa offices (South Africa, Botswana, Mauritius, Mozambique, Namibia, Zambia, Zimbabwe, Nigeria, Ghana, Kenya, Uganda, Tanzania, and Rwanda). The role involves actively managing and monitoring information security systems to detect, respond to, and remediate security risks and threats across the infrastructure.

4. Position Specifications

Educational Requirements (minimum necessary to perform the job):

  • Professional / Tertiary qualification

Other Requirements:

Experience (minimum necessary):

Desired Qualifications and Experience:

  • 3-5 years' experience in Information Technology Support or Information Security, including Microsoft Azure
  • Industry-recognized certifications such as A+, N+, Security+, CySA+, and Cloud Security certifications like:
      o Microsoft Certified: Security Operations Analyst Associate
      o Microsoft Certified: Information Protection and Compliance Administrator Associate
      o Microsoft Certified: Security, Compliance, and Identity Fundamentals
      o Microsoft Certified: Identity & Access Management
      o Microsoft Certified: Azure Security Engineer
  • Professional certifications such as CISM, CISSP, ECIH are preferred but not required
  • Strong knowledge of information security and cloud security concepts
  • Experience in identifying, analyzing, and reporting on security risks and incidents
  • Experience with security tools such as Qualys, Microsoft Defender Endpoint, Microsoft Sentinel, etc.
  • Ability to evaluate vulnerabilities, develop mitigation strategies, and implement remediation
  • Strong knowledge of operating systems, Microsoft Servers, Active Directory, and network protocols and technologies

5. Core Competencies:

  • Attention to detail and accurate documentation
  • Analytical skills to interpret information
  • Ability to work independently and in a team
  • Organizational and prioritization skills under pressure

6. Key Responsibilities & KPIs

Main Responsibilities:

  • Monitoring incident response channels
  • Executing the Information Security Incident Management Process and escalating high-priority issues
  • Tracking and escalating open incidents
  • Producing weekly and quarterly reports for the CISO on incident status and trends

Security Systems Configuration and Management:

  • Daily monitoring of security systems to ensure proper functioning
  • Configuration and management of security tools such as vulnerability, privileged access, and log management systems
  • Reconciliation of assets to ensure coverage of security systems
  • Reporting and issue resolution support for operational teams

Patch Management Monitoring:

  • Monitoring patch management performance and identifying risks
  • Addressing challenges to compliance

Threat and Event Monitoring:

  • Detecting and escalating security threats and events

Vulnerability Management:

  • Monitoring vulnerabilities daily
  • Monthly asset reconciliation
  • Managing vulnerability remediation with owners
  • Supporting penetration testing activities

Supporting NITSO projects and other initiatives as required.
