36 Security Monitoring jobs in South Africa

1 month ago Be among the first 25 applicants

This range is provided by FusionTek. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

ZAR800,000.00/yr - ZAR950,000.00/yr

FusionTek is a Managed Security Service Provider (MSSP) with offices in multiple US locations and team members globally. We're a tight-knit team of friendly, intelligent people focused on IT infrastructure management for small- to mid-sized businesses since 2007.

We're also rapidly growing and are looking for top-tier candidates who share our four core values:

• We are team players, collectively working towards a common goal
• We work each day with a growth mindset focused on the success of our coworkers, clients, and the company
• We do the right thing with an honest and transparent approach that always puts our clients first
• We take ownership of our work, always seeing it through to completion
• We execute quickly and precisely, both internally and externally
  
  

• You'll primarily be focused on technical management of incident response recovery efforts from start to finish. This can include initial project mobilization, assignment and management of technical workstreams, and frequent client and vendor communication. There are daily (sometimes more frequently) updated calls and associated reporting
• Incident response projects can often begin over a weekend or outside of traditional business hours, and weekends are crucial recovery opportunities to lessen the impact the client feels as their businesses are often completely down
• You'll work through our ticketing system to document, track, and escalate project tasks and tickets, and you'll also work on our documentation platform to keep everything up to date along the way
• You'll serve as an escalation point on technical questions from other engineers and the client
• You'll be working with a team of intelligent people to deliver world-class service to our clients
  
  

• Excellent comprehension and communication in the English language
• Previous experience leading a technical team
• Knowledge of Office 365 / Azure cloud services
• Knowledge of Active Directory
• Knowledge of complex networking troubleshooting (VLANs/routing/subnetting/packet captures)
• Broad understanding of how operating systems work
• Knowledge of advanced OS troubleshooting (boot issues/corruption of profiles/OS files)
• Comfortable working in different OSs, both in CLI and GUI
• SQL DB knowledge is a plus
• Knowledge of advanced firewall configuration skills (creating and troubleshooting complex firewall policies/routes)
• Experience troubleshooting ingress/egress issues
• Comfortable working in diverse firewall UIs (SonicWall, Meraki, FortiGate, Cisco, WatchGuard, etc.)
• Strong comprehension of system architecture (i.e. - how servers' function, what their roles are, etc.)
• Understanding of the elements of network and system performance
• Time management skills are crucial to your success in this role
• Superb verbal and written communications skills are a must
• Demonstrated skillset through industry certifications or an agreed upon plan to obtain them
• Previous recovery / remediation experience a plus
• Experience working in a ticketing system is preferred, with Autotask experience a plus
  
  

• Salary range - R800,000 to R950,000
• Quarterly bonus eligibility based on specific KPIs
• Educational reimbursement for certification tests and company supplied training resources

• Seniority level Associate

• Employment type Contract

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at FusionTek by 2x

Get notified about new Security Technician jobs in Johannesburg, Gauteng, South Africa .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

FusionTek is a Managed Security Service Provider (MSSP) with offices in multiple US locations and team members globally. We’re a tight-knit team of friendly, intelligent people focused on IT infrastructure management for small- to mid-sized businesses since 2007.

We’re also rapidly growing and are looking for top-tier candidates who share our four core values:

• We are team players, collectively working towards a common goal.
• We work each day with a growth mindset focused on the success of our coworkers, clients, and the company.
• We do the right thing with an honest and transparent approach that always puts our clients first.
• We take ownership of our work, always seeing it through to completion.
• We execute quickly and precisely, both internally and externally.

If this opportunity excites you, we invite you to continue reading! Join our team as an Incident Response Technical Lead. We’re seeking a proactive problem-solver with a client-focused attitude who thrives on tackling technical challenges.

As an Incident Response Tech Lead, you will provide excellence in high-touch technical management for incident response projects. This includes frequent technical and non-technical written, verbal, and video call (Zoom / Teams) updates with all stakeholders on a project, both within FusionTek and externally. Throughout the day, you’ll be translating technology to clients who aren’t always technical, so communication skills are paramount in this role. A broad technical foundation is also required, as you will make decisions on the client’s recovery strategy and will serve as an escalation point and subject matter expert to FusionTek team members and the client.

We are currently staffing the following shifts:

8:00 AM – 5:00 PM, Sunday to Thursday or Tuesday to Saturday - South Africa Standard Time (SAST)

2:00 PM – Midnight (Friday to Monday) - South Africa Standard Time (SAST)

Here’s what you’ll be doing:

• You’ll primarily be focused on technical management of incident response recovery efforts from start to finish. This can include initial project mobilization, assignment and management of technical workstreams, and frequent client and vendor communication. There are daily (sometimes more frequently) updated calls and associated reporting.
• Incident response projects can often begin over a weekend or outside of traditional business hours, and weekends are crucial recovery opportunities to lessen the impact the client feels as their businesses are often completely down.
• You’ll work through our ticketing system to document, track, and escalate project tasks and tickets, and you’ll also work on our documentation platform to keep everything up to date along the way.
• You'll serve as an escalation point on technical questions from other engineers and the client.
• You’ll be working with a team of intelligent people to deliver world-class service to our clients

• Excellent comprehension and communication in the English language
• Previous experience leading a technical team
• Knowledge of Office 365 / Azure cloud services
• Knowledge of Active Directory
• Knowledge of complex networking troubleshooting (VLANs/routing/subnetting/packet captures)
• Broad understanding of how operating systems work
• Knowledge of advanced OS troubleshooting (boot issues/corruption of profiles/OS files)
• Comfortable working in different OSs, both in CLI and GUI
• SQL DB knowledge is a plus
• Knowledge of advanced firewall configuration skills (creating and troubleshooting complex firewall policies/routes)
• Experience troubleshooting ingress/egress issues
• Comfortable working in diverse firewall UIs (SonicWall, Meraki, FortiGate, Cisco, WatchGuard, etc.)
• Strong comprehension of system architecture (i.e. - how servers’ function, what their roles are, etc.)
• Understanding of the elements of network and system performance
• Time management skills are crucial to your success in this role
• Superb verbal and written communications skills are a must
• Demonstrated skillset through industry certifications or an agreed upon plan to obtain them
• Previous recovery / remediation experience a plus
• Experience working in a ticketing system is preferred, with Autotask experience a plus

At FusionTek, we truly believe that our people are our most valuable asset, which is why we’re excited to provide:

• Salary range – R800,000 to R950,000
• Quarterly bonus eligibility based on specific KPIs.
• Educational reimbursement for certification tests and company supplied training resources

FusionTek is a Managed Security Service Provider (MSSP) with offices in multiple US locations and team members globally. We’re a tight-knit team of friendly, intelligent people focused on IT infrastructure management for small- to mid-sized businesses since 2007.

We’re also rapidly growing and are looking for top-tier candidates who share our four core values:

• We are team players, collectively working towards a common goal.
• We work each day with a growth mindset focused on the success of our coworkers, clients, and the company.
• We do the right thing with an honest and transparent approach that always puts our clients first.
• We take ownership of our work, always seeing it through to completion.
• We execute quickly and precisely, both internally and externally.

If this opportunity excites you, we invite you to continue reading! Join our team as an Incident Response Technical Lead. We’re seeking a proactive problem-solver with a client-focused attitude who thrives on tackling technical challenges.

As an Incident Response Tech Lead, you will provide excellence in high-touch technical management for incident response projects. This includes frequent technical and non-technical written, verbal and video call (Zoom / Teams) updates with all stakeholders on a project, both within FusionTek and externally. Throughout the day you’ll be translating technology to clients who aren’t always technical, so communication skills are paramount in this role. A broad technical foundation is also required, as you will make decisions on the client’s recovery strategy and will serve as escalation point and subject matter expert to FusionTek team members and the client.

We are currently staffing the following shifts:

8:00 AM – 5:00 PM, Sunday to Thursday or Tuesday to Saturday - South Africa Standard Time (SAST)

2:00 PM – Midnight (Friday to Monday) - South Africa Standard Time (SAST)

Here’s what you’ll be doing:

• You’ll primarily be focused on technical management of incident response recovery efforts from start to finish. This can include initial project mobilization, assignment and management of technical workstreams, and frequent client and vendor communication. There are daily (sometimes more frequently) updated calls and associated reporting.
• Incident response projects can often begin over a weekend or outside of traditional business hours, and weekends are crucial recovery opportunities to lessen the impact the client feels as their businesses are often completely down.
• You’ll work through our ticketing system to document, track, and escalate project tasks and tickets, and you’ll also work on our documentation platform to keep everything up to date along the way.
• You'll serve as an escalation point on technical questions from other engineers and the client.
• You’ll be working with a team of intelligent people to deliver world-class service to our clients

• Excellent comprehension and communication in the English language
• Previous experience leading a technical team
• Knowledge of Office 365 / Azure cloud services
• Knowledge of Active Directory
• Knowledge of complex networking troubleshooting (VLANs/routing/subnetting/packet captures)
• Broad understanding of how operating systems work
• Knowledge of advanced OS troubleshooting (boot issues/corruption of profiles/OS files)
• Comfortable working in different OSs, both in CLI and GUI
• SQL DB knowledge is a plus
• Knowledge of advanced firewall configuration skills (creating and troubleshooting complex firewall policies/routes)
• Experience troubleshooting ingress/egress issues
• Comfortable working in diverse firewall UIs (SonicWall, Meraki, FortiGate, Cisco, WatchGuard, etc.)
• Strong comprehension of system architecture (i.e. - how servers’ function, what their roles are, etc.)
• Understanding of the elements of network and system performance
• Time management skills are crucial to your success in this role
• Superb verbal and written communications skills are a must
• Demonstrated skillset through industry certifications or an agreed upon plan to obtain them
• Previous recovery / remediation experience a plus
• Experience working in a ticketing system is preferred, with Autotask experience a plus

At FusionTek, we truly believe that our people are our most valuable asset, which is why we’re excited to provide:

• Salary range – R800,000 to R950,000
• Quarterly bonus eligibility based on specific KPIs.
• Educational reimbursement for certification tests and company supplied training resources

• Conduct incident and investigation post-mortem analysis, and reporting;

• Conduct forensic investigations including physical/logical disk, network packet capture, memory analysis or malware analysis;

• Use EDR/XDR tools to triage and respond to cyber incidents;

• Plan, organise and devise approaches necessary to respond to incidents and obtain useful forensic information from the evidence collected;

• Prioritising and differentiating between potential intrusion activity and false alarms;

• Provide technical guidance to investigations to correctly gather, analyse and present digital evidence to both business and legal audiences;

• Collate conclusions and recommendations and present forensics findings to stakeholders;

• Contribute to the development of internal scripts and tools for incident response; • Correlate threat intelligence with active attacks and vulnerabilities within the enterprise;

• Research and test out new DFIR tooling and techniques;

• Provide incident response support services for client assignments; and

• Assist with crisis management and driving the incident response capabilities to deal with emerging threats.

Skills and Experience

• Experience in forensic capture and investigation tools such as EnCase, X-Ways, SIFT or FResponse;

• Knowledge of Windows system internals and ability to identify common indicators of compromise from dead or live systems and live memory using tools such as the SysInternals suite, RegRipper, Volatility, or Mandiant Redline;

• Experience of gleaning and analysing security information from enterprise network and host based sensors, such as IDS/IPS systems, HIDS, SIEMs, AD controllers and firewalls;

• Expertise analysing raw network traffic captures or deployment and use of network forensics or monitoring devices such as FireEye, Solera, WireShark, SNORT or Netwitness;

• Knowledge of offensive security and ethical hacking techniques, together with Threat Intelligence methodologies.

• Consulting experience deploying and using enterprise EDR or investigative products such as Tanium, Carbon Black, Mandiant MIR, CrowdStrike Falcon or EnCase Cybersecurity (advantageous); and

• Knowledge of scripting languages such as Python, Perl or PowerShell and their use in forensic analysis and live incident response, or experience using other programming languages to develop software for host-centric, network-centric or log-centric security analysis

Qualifications

• B.Tech, BsC Computer Science, Bcom IT or other relevant qualifications.

• Industry recognised certifications

Experience

• Management Experience would be an advantage;

• 2-3 years’ experience in incident response and/or cybersecurity;

• Digital forensics experience would be an advantage; and

• Consulting experience would be advantageous.

• The ability to draw insights from diverse data sets to aid investigations;

• Strong networking and general technical IT understanding;

• Understanding of ISO and NIST standards

• Pro-active and committed to delivery

• Ability to perform under pressure

• Planning and organising ability

• Analytical and solutions driven

• Flexible and adaptable to change

Drivers Licence

Essential (Non-negotiable). Own transport is required.

Overtime

In some instances, overtime will be required to meet project deliverables.

Travel Extensive travel required in the Gauteng region and nationally. Occasional travel internationally. Further, given the nature of the role travel could be at short notice.

Language

The incumbent must be fluent in English. Fluency in any other official language(s) would be advantageous

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Other
• Industries Business Consulting and Services

Referrals increase your chances of interviewing at PwC South Africa by 2x

Get notified about new Information Technology Associate jobs in Johannesburg Metropolitan Area .

Johannesburg, Gauteng, South Africa 2 hours ago

Johannesburg, Gauteng, South Africa 2 days ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 1 month ago

Johannesburg, Gauteng, South Africa 3 days ago

Woodmead, Gauteng, South Africa 1 week ago

Johannesburg Metropolitan Area 1 week ago

Johannesburg Metropolitan Area 2 days ago

City of Johannesburg, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 1 day ago

Johannesburg, Gauteng, South Africa 5 days ago

Sandton, Gauteng, South Africa 2 weeks ago

Johannesburg, Gauteng, South Africa 6 days ago

City of Johannesburg, Gauteng, South Africa 1 day ago

Sandton, Gauteng, South Africa 2 days ago

Johannesburg, Gauteng, South Africa 6 months ago

Johannesburg Metropolitan Area 1 week ago

Johannesburg, Gauteng, South Africa 1 week ago

Johannesburg, Gauteng, South Africa 6 hours ago

Randburg, Gauteng, South Africa 2 days ago

City of Johannesburg, Gauteng, South Africa 4 weeks ago

Johannesburg, Gauteng, South Africa 3 days ago

Johannesburg, Gauteng, South Africa 1 day ago

Midrand, Gauteng, South Africa 3 weeks ago

City of Johannesburg, Gauteng, South Africa 4 weeks ago

Johannesburg, Gauteng, South Africa 6 days ago

City of Johannesburg, Gauteng, South Africa 3 weeks ago

Ivory Park, Gauteng, South Africa 5 hours ago

City of Johannesburg, Gauteng, South Africa 4 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

S-RM is seeking an Incident Response Associate (Technical Lead) to join our Cyber Security team in South Africa.

Cybersecurity

Cape Town

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.

Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Ethical Hacking, and Incident Response practices are in more demand than ever.

We’re building a team to meet this challenge. We’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

Our Incident Response Associates are a critical part of our Cyber Security division’s success.

As a Response Associate (Technical Lead), you will deploy your incident response expertise in a senior delivery role across our incident response services.

You will work across the full lifecycle of security incidents to help our clients respond and recover, including:

• Leading technical incident response from first contact through to closure: you will be the primary technical resource on response cases, deploying your own expertise and offering guidance to colleagues on your project team.
• Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
• Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
• Participating in an on-call rotation to provide 24X7X365 client incident coverage.

Other features of the role include:

• Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
• Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
• Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.

Candidates with the following qualifications and experience are likely to succeed as Incident Response Associates at S-RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

• Experience: 5+ years’ experience in a technical cyber security role. Direct experience working in an incident response team is beneficial but not essential.
• Approach: an investigative mindset. You should be comfortable solving problems with limited information and guidance.
• Threat intelligence: some demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures.
• Skillset: you should be comfortable using scripting to solve cyber security problems and ideally be able to demonstrate an interest in doing so, e.g. through your own research projects or prior experience.
• Communication: you should be able to communicate your technical findings for a non-technical audience in a professional setting.
• Qualifications: relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+

The successful candidate must have permission to work in South Africa by the start of their employment.

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 23 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
• Life Insurance 4X annual salary.

Parental Support:

• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay.

Various Health and Medical Benefits including:

• Medical Aid (taxable benefit) for you and your immediate family;
• EAP program for you and your immediate family;
• Free access to the world-famous mindfulness app.

S-RM is seeking an Incident Response Associate (Technical Lead) to join our Cyber Security team in South Africa.

Cybersecurity

Cape Town

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.

Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Ethical Hacking, and Incident Response practices are in more demand than ever.

We’re building a team to meet this challenge. We’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

Our Incident Response Associates are a critical part of our Cyber Security division’s success.

As a Response Associate (Technical Lead), you will deploy your incident response expertise in a senior delivery role across our incident response services.

You will work across the full lifecycle of security incidents to help our clients respond and recover, including:

• Leading technical incident response from first contact through to closure: you will be the primary technical resource on response cases, deploying your own expertise and offering guidance to colleagues on your project team.
• Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
• Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
• Participating in an on-call rotation to provide 24X7X365 client incident coverage.

Other features of the role include:

• Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
• Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
• Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.

Candidates with the following qualifications and experience are likely to succeed as Incident Response Associates at S-RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

• Experience: 5+ years’ experience in a technical cyber security role. Direct experience working in an incident response team is beneficial but not essential.
• Approach: an investigative mindset. You should be comfortable solving problems with limited information and guidance.
• Threat intelligence: some demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures.
• Skillset: you should be comfortable using scripting to solve cyber security problems and ideally be able to demonstrate an interest in doing so, e.g. through your own research projects or prior experience.
• Communication: you should be able to communicate your technical findings for a non-technical audience in a professional setting.
• Qualifications: relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+

The successful candidate must have permission to work in South Africa by the start of their employment.

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 23 days holiday per year in addition to public holidays (+1 day for every year of service up to a maximum of 30 days in total);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
• Life Insurance 4X annual salary.

Parental Support:

• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay.

Various Health and Medical Benefits including:

• Medical Aid (taxable benefit) for you and your immediate family;
• EAP program for you and your immediate family;
• Free access to the world-famous mindfulness app.

• Matric Certificate with Maths
• B Com in Accountancy or equivalent
• JDE Common Foundation
• JDE Technical Foundation
• AllOut Security Certification
• CNC Certification (advantageous)
• AS/400 CL Programming
• PRINCE2 / Project Management Certification
• Business or Systems Analysis Certification
• ITIL or COBIT Framework knowledge.

• Ten (10) + years in IT, with at least 5 years in JD Edwards E1 and World (Functional and Technical)
• Experience with AllOut Security administration
• ERP System experience: JD Edwards (mandatory), SAP or Navision (advantageous)
• Deep knowledge of Active Directory, QlikView, and vulnerability management
• Experience managing security frameworks on AS/400 systems;
• CNC and JDE deployment management
• Business analysis, project implementation, and end-user training
• Knowledge of compliance standards (SOX, King IV);
• Process mapping and documentation (Visio, Lucidchart, etc.)
• Report development and analytics (QlikView, SQL, etc.).

• Design and maintain system security protocols (JDE E1 and World)
• Administer and configure AllOut Security, ensuring segregation of duties and audit readiness
• Monitor and maintain integrations and support for various systems connected to JD Edwards
• Perform system analysis, vulnerability assessments, and conduct internal audits in alignment with King III/IV and SOX
• Lead and support audits, risk assessments, and disaster recovery processes
• Manage user roles, responsibilities, and access rights across systems
• Support CNC, AS/400 system management, and I-series server operations
• Write, update, and maintain technical documentation and user procedures
• Lead incident responses, forensic analysis, and investigations of breaches
• Train and support end-users and teams across departments;
• Provide help desk support and develop end-user documentation
• Drive and support security awareness campaigns
• Proactively identify areas of process and security improvement
• Attend to audit queries as and when required
• Perform ad hoc duties as and when required within reasonable job scope.

The purpose of the mid-level IT Security Analyst position is to ensure the security of the organization's digital assets and protect against cyber threats. This role involves safeguarding network infrastructure, monitoring and analyzing security events, responding to incidents, and implementing security measures and countermeasures. The IT Security Analyst will collaborate closely with Senior IT support colleagues to maintain the organization's security posture. This position can be based at our Durban or Somkhele (Northern KZN) campus, with routine travel between campuses potentially required. The client has a hybrid work policy of two days in the office and the rest from home.

1. Monitor computer networks and systems for security issues or breaches.
2. Investigate and document security breaches and other cybersecurity incidents.
3. Install security measures and operating software to protect systems and information infrastructure.
4. Perform vulnerability scanning, risk analyses, and security assessments.
5. Assist in developing information security policies and procedures.
6. Implement and upgrade security measures and controls in collaboration with colleagues.
7. Stay updated on the latest cybersecurity intelligence, including hackers’ methodologies, to anticipate security breaches.
8. Train staff on information security procedures and practices.
9. Report security assessment findings to management and recommend improvements.
10. Research and implement security best practices, including data security and data loss prevention (DLP).
11. Manage security tools such as Anti-Malware, Anti-SPAM, Nessus, Firewalls, etc.
12. Enhance security and compliance through Microsoft 365 and other technologies.

• Professional IT certificates such as A+, N+, MCSE, CompTIA Security+, CySA+, CEH, or GIAC GSEC/GCIH. A diploma or degree is advantageous.

• Over 3 years of experience in cybersecurity, focusing on blue team activities or similar roles.
• Hands-on experience with incident response and SIEM management.
• Strong knowledge of Active Directory and Entra ID.
• Experience with DHCP, DNS, and general networking.
• Proficiency with Microsoft Windows and Apple Mac OSX.
• Knowledge of Microsoft desktop products including Office and Office 365.

• Linux skills and scripting experience.
• CISSP or CISM certification (preferred but not required).
• Bachelor’s degree in Cybersecurity, IT, or a related field, or equivalent experience.
• Previous SOC experience.

• Security analyst
• IT security analyst
• Cybersecurity

Industry: Scientific, Research & Development

Job category: Network Administration and Security

Location: Randburg

Contract: Permanent

Remuneration: Market Related

EE position: Yes

Mintek has an exciting career opportunity for an ICT Security Analyst. The successful candidate will ensure the security and integrity of MINTEK’s ICT infrastructure by implementing and managing key security systems, monitoring network traffic, responding to incidents, conducting risk assessment and ensuring compliance with regulations like POPIA. The ideal candidate will have strong cybersecurity skills and experience with various security tools.

• Firewall Administration (IPS/IDS): Manage and monitor firewall configurations, ensuring optimal performance and security. Implement intrusion detection and prevention systems to protect against potential threats;
• Endpoint EDR Administration and Monitoring: Manage and monitor EDR systems by configuring policies, conducting threat hunts, analysing alerts, and ensuring updates. Implement behavioural detection and prevention to identify and mitigate threats, ensuring endpoint security and performance;
• VPN Management: Administer and secure virtual private network, ensuring secure remote access for users while monitoring for unauthorised access or breaches;
• Mimecast Administration: Oversee the e-mail security platform, ensuring robust protection against phishing, malware, and other e-mail-based threats;
• KnowBe4 Security Awareness Training: Manage the security awareness platform, coordinating regular phishing simulations and training sessions to improve staff vigilance against social engineering attacks;
• SIEM Incident Remediation: Monitor security information and event management (SIEM) systems incidents, analyse security alerts, and respond to incidents promptly to mitigate risks;
• Active Directory (AD) Security: Ensure the security and integrity of the Active Directory environment by managing access controls, permissions, and group policies;
• Cloud Security: Implement and manage security measures for cloud-based services, ensuring data protection and compliance with MINTEK’s security policies.

• Digital Signature Administration: Manage the digital signature platform, ensuring secure and compliant electronic document signing processes;
• Data Governance: Develop and enforce data governance policies, ensuring the organization’s data is managed securely, consistently, and in compliance with regulations;
• Vulnerability Management: Conduct regular vulnerability assessments, applying patches and updates as necessary, and ensuring systems are protected against known vulnerabilities.

• POPIA Compliance: Ensure all ICT operations and data management practices comply with the Protection of Personal Information Act (POPIA) requirements, implementing necessary controls and processes.

• Cross-ICT Sections Collaboration: Work closely with other sections in ICT to ensure security measures are integrated into all aspects of the organization’s operations;
• User Support: Provide technical support and guidance to users regarding security practices and incident response procedures;
• Monthly Reporting: Prepare regular reports on security status, incidents, and compliance for senior management and regulatory bodies.

• Minimum: Bachelor’s degree in information technology, Computer Science, Information Systems, Cybersecurity, or a related field.
• Ideal: CompTIA's Security, CISSP or equivalent

• Minimum of 3-5 years of experience in IT security, with specific experience in the administration of firewalls, VPNs, and SIEM systems;
• Hands-on experience with firewalls, EDRs, email security, security awareness training, vulnerability management and AD security.
• Experience in cloud security and vulnerability management is essential.