6 Security Operations jobs in Johannesburg

In this role, youll take ownership of end-to-end IT procurement , including tendering, supplier evaluation, and contract management across both local and international markets. Youll work closely with IT, Finance, Legal, and project teams , providing advice and guidance to influence sourcing decisions, ensure compliance, and deliver commercial value. Were looking for someone with: -6 years experience in IT procurement , ideally within the financial services sector Practical experience with tendering, supplier negotiations, and contract management Strong ability to engage and influence internal and external stakeholders , including Legal, IT architects, and Finance teams Exposure to local and international markets and IT categories such as IT Security, Software, Systems Operations, Licensing, and Maintenance A degree in Procurement, Supply Chain, Commerce, or related field, with a CIPS qualification (essential) A practical, self-driven approach , with strong organizational skills and commercial awareness This is an excellent opportunity for someone who enjoys managing complex sourcing processes, shaping procurement decisions, and delivering value across critical IT initiatives , all while working in a collaborative, hybrid environment. If youre a proactive, commercially savvy sourcing professional ready to make an impact, lets connect to discuss this exciting opportunity -

Overview

Location: ZA, GP, Johannesburg, Simmonds Street

As a Specialist Incident Response Analyst, you will play a central role in detecting, investigating, and responding to cyber incidents in a non-tiered SOC environment. You will own incidents end-to-end from triage through containment and recovery while applying an adversarial mindset to anticipate attacker behaviour. Alongside technical response, you will contribute to policy improvement, coaching, and industry engagement, ensuring the bank’s response capability matures continuously. This role includes after-hours standby as part of an on-call rotation.

Qualifications

• A degree Information Technology is required.
• IT Risk/security certification such as CISM, CISSP or CISA, GCIA, GCIH, OSCP is required.
• AWS/Azure Cloud Certifications.

Experience Required:

• 5-7 years experience in IT Security, preferably in a Financial Institution, with noted experience in developing threat models, threat analysis, cyber and incident management, offensive security, high level static and dynamic malware analysis.
• 5-7 years experience in strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions.
• Strong experience in incident management, threat modelling, malware analysis, and offensive security techniques.
• Broad IT systems knowledge and awareness of digital platform operating models.

Key Responsibilities

• Detect & Investigate: Analyse alerts from SIEM, EDR, and threat intelligence sources; distinguish true vs false positives.
• Contain & Remediate: Lead active incidents through containment, eradication, and recovery actions.
• Threat Hunting: Proactively search for adversary activity using attacker TTPs and threat intel.
• Malware & Phishing Triage: Perform static/dynamic malware analysis and investigate phishing campaigns.
• Offensive Security Awareness: Apply penetration testing/red team knowledge to strengthen detection and response.
• Forensic Support: Collect and analyse logs, endpoint, and network artifacts for root cause analysis.
• On-Call Duties: Provide after-hours escalation support on a rotational basis.
• Documentation & Reporting: Produce incident reports, lessons learned, and contribute to playbook improvements.

#J-18808-Ljbffr

Overview

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Senior Information Security Incident Response Analyst is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts.

The Senior Information Security Incident Response uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.

Key responsibilities

• Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
• Performs access management activities according to the policy.
• Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses.
• Interacts with a global team of Cyber Security Analysts and specialists.
• Manages 2nd level triaging of security alerts, events, and notifications.
• Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees.
• Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
• Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
• Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
• Maintains an understanding of current and emerging threats, vulnerabilities, and trends.

To thrive in this role, you need to have

• Advanced understanding of End Point Protection Software.
• Advanced understanding of Enterprise Detection and Response software.
• Advanced knowledge of technological advances within the information security arena.
• Advanced understanding of inter-relationships in an overall system or process.
• Advanced knowledge of information security management and policies.
• Advanced understanding risk management principles and frameworks is crucial for prioritizing and addressing security incidents
• Advanced understanding of the organization's business operations, goals, and objectives enables the analyst to align incident response efforts with the broader business strategy.
• Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response.
• Ability to think critically, analyze information, and solve medium to complex problems.

Academic qualifications and certifications

• Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred.
• SANS GIAC Security Essentials (GSEC) or equivalent preferred.
• SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
• SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred

Required experience

• Advanced experience in a Technology Information Security Industry.
• Advanced experience or knowledge of SIEM and IPS technologies.
• Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.

Workplace type: Hybrid Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Third parties fraudulently posing as NTT DATA recruiters

NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.

#J-18808-Ljbffr

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Senior Information Security Incident Response Analyst is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).
This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts.
The Senior Information Security Incident Response uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.
**Key responsibilities:**
+ Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
+ Performs access management activities according to the policy.
+ Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses.
+ Interacts with a global team of Cyber Security Analysts and specialists.
+ Manages 2nd level triaging of security alerts, events, and notifications.
+ Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees.
+ Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
+ Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
+ Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
+ Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
**To thrive in this role, you need to have:**
+ Advanced understanding of End Point Protection Software.
+ Advanced understanding of Enterprise Detection and Response software.
+ Advanced knowledge of technological advances within the information security arena.
+ Advanced understanding of inter-relationships in an overall system or process.
+ Advanced knowledge of information security management and policies.
+ Advanced understanding risk management principles and frameworks is crucial for prioritizing and addressing security incidents
+ Advanced understanding of the organization's business operations, goals, and objectives enables the analyst to align incident response efforts with the broader business strategy.
+ Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response.
+ Ability to think critically, analyze information, and solve medium to complex problems.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related preferred.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
**Required experience:**
+ Advanced experience in a Technology Information Security Industry.
+ Advanced experience or knowledge of SIEM and IPS technologies.
+ Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
**Third parties fraudulently posing as NTT DATA recruiters**
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters-whether in writing or by phone-in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an **@nttdata.com** email address. If you suspect any fraudulent activity, please contact us ( ) .