30 Security Sme jobs in South Africa

LearningMate is seeking a subject matter expert to help create educational material for a college- level graphic design course. This role will have you collaborating with an experienced team to create educational content. The educational content will be delivered through an asynchronous distance learning model. Content must be written in such a way that it is clear, engaging, and accessible to all types of learners.

Examples of Project Tasks:

• Follow client guidelines when reviewing content
• Review revisions to the course based on a new edition of the textbook
• Revise content as needed to ensure content is accurate, up to date, and aligned with the new edition of the textbook
• Write scenarios, case studies, and other items as needed to support assessments
• Write assessment items as needed
• Use provided templates properly to ensure consistency

Requirements:

• Strong command of both written and verbal English
• Bachelor's Degree in Graphic Design
• Experience writing content for online courses
• Familiarity with the Adobe suite of products, specifically Adobe Illustrator
• Familiarity with educational theories, such as situated learning theory, adult learning theory, and the universal design for learning theory

Preferred Qualifications (not required):

• Teaching experience
• Assessment writing experience

Join our client as a
Subject Matter Expert (SME) in Cards & Payments
. You'll provide expert guidance on credit/debit cards, digital payments (e.g., mobile wallets), and rewards programs. This role focuses on ensuring compliance, reducing fraud, and enhancing payment systems through short-term projects like product launches or regulatory upgrades. You'll work closely with client teams (IT, legal, operations) and partners (e.g., Visa/Mastercard) to deliver results in a fast-paced banking environment.

Key Responsibilities

• Advise on regulatory compliance (e.g., central bank submissions, payment system laws).
• Support card product development, including contactless payments and digital wallet integration.
• Investigate card fraud, disputes, and transaction issues, proposing solutions to cut losses.
• Collaborate on system improvements and train client staff on card security and tools (e.g., mobile banking apps).
• Stay updated on payment trends (e.g., biometrics, tokenization) to drive innovation.
• Deliver project milestones on time, with clear documentation and knowledge sharing.

What We're Looking For

• Education
  : Bachelor's degree in finance, IT, business, or related field (postgraduate a plus).
• Certifications
  : Payments/cards-related certifications (e.g., PCI DSS, CISSP, CPP) preferred.
• 5+ years in financial services (banking/fintech).
• 3+ years as an SME in cards/payments, with hands-on work in regulatory reporting, product management, or fraud detection.
• Deep knowledge of card systems (e.g., EMV standards) and South African regulations.
• Strong data analysis skills (SQL, Excel, BI tools) for risk and fraud work.
• Excellent communication and teamwork for client-site collaboration.
• Ability to deliver fast, ethical results in a project-based role.

Role Purpose

The Microsoft Purview Subject Matter Expert (SME) will lead the design, implementation, and optimization of Microsoft Purview solutions to strengthen the client 's data governance, compliance, and information protection posture. This role requires deep technical expertise in Microsoft Purview, Information Protection, DLP, Compliance Manager, Insider Risk, and Data Governance frameworks across Microsoft 365, Azure, and hybrid environments. The SME will act as the client 's trusted advisor for data governance and compliance automation, ensuring alignment with corporate and regulatory requirements.

Key Responsibilities

Strategy & Governance

• Define and implement the client 's data governance and compliance strategy using Microsoft Purview.
• Establish data classification frameworks, sensitivity labeling standards, and data lifecycle management policies.
• Develop governance dashboards and metrics to measure policy adherence and data risk posture.
• Ensure alignment with enterprise architecture, security, and compliance frameworks (e.g., TOGAF, ISO 27001, POPIA, GDPR).

Solution Design & Implementation

• Design, configure, and deploy Purview Data Map, Data Catalog, and Data Lineage solutions.
• Implement Information Protection and DLP policies for Microsoft 365 and endpoints.
• Integrate Purview with Azure Information Protection, Defender for Cloud Apps, Sentinel, and Entra ID.
• Enable multicloud and hybrid data source connectors.
• Create data scanning rules and classifiers to automatically identify sensitive data types.

Compliance & Risk Management

• Manage Compliance Manager, eDiscovery, and Insider Risk configurations.
• Develop and maintain assessment templates for compliance frameworks.
• Monitor risk trends, generate insights, and present mitigation recommendations.
• Support Data Protection Impact Assessment (DPIAs) and Data Subject Request (SRs) through Purview.
• Drive automation of evidence collection for audit readiness.

Continuous Improvement & Enablement

• Define best practices, operating procedures, and governance playbooks for Purview adoption.
• Conduct workshops and training sessions for data owners, IT, and compliance teams.
• Collaborate with architects and engineers to integrate Purview insights into business workflows.
• Stay current with Microsoft roadmap updates and compliance capabilities.

Technical Integration

• Oversee API-based integration with third-party SIEM, GRC, or data security platforms.
• Ensure Purview's compatibility with Defender for Endpoint, MIP SDK, and Microsoft Graph.
• Participate in architecture reviews to ensure secure and compliant design patterns.

Required Skills & Experience

Technical Expertise

• 5–8 years of experience in Microsoft Information Protection, Compliance, or Data Governance.
• Hands-on experience configuring and managing Purview (Data Map, Catalog, DLP, Information Protection, Compliance Manager, etc.).
• Strong knowledge of data classification models, governance frameworks, and regulations (POPIA, GDPR, ISO 27001, NIST, SOC2).
• Experience with multicloud governance (Azure, AWS, Google) and hybrid data architectures.

Qualifications

• Bachelor's degree in information systems, Computer Science, or equivalent.

Preferred Certifications:

• Microsoft Certified: Information Protection Administrator Associate
• Microsoft Certified: Security Operations Analyst Associate
• Microsoft Certified: Compliance Administrator Associate
• TOGAF or COBIT certification (advantage)
• CISM / CISSP / ISO 27001 Lead Implementer (advantage)

Soft Skills

• Strong stakeholder management and executive communication skills.
• Ability to translate complex regulatory requirements into technical configurations.
• Analytical mindset and strong problem-solving skills.
• Excellent documentation and reporting capabilities.
• Comfortable leading workshops and cross-functional governance forums.

Key Deliverables

• Enterprise-wide Purview implementation roadmap.
• Data classification and sensitivity labeling framework.
• Active DLP, eDiscovery, and insider risk policies.
• Governance dashboards and reporting metrics.
• Continuous improvement plan for data compliance maturity.

Environment

• Hybrid Cloud (M365, Azure, SAP, AWS)
• Tools Ecosystem: Microsoft Purview, Sentinel, XDR- Micro Trend, ServiceNow GRC, Power BI

Employment type:
6 months contract

Location:
Centurion

Working model:
Hybrid

Interested candidates who meet the above criteria are encouraged to apply immediately, please send your CV to

Our client is seeking an experience
Microsoft Purview Subject Matter Expert (SME)
to lead the design, implementation, and optimization of Microsoft Purview solutions to strengthen their data governance, compliance, and information protection posture. This role requires deep technical expertise in Microsoft Purview, Information Protection, DLP, Compliance Manager, Insider Risk, and Data Governance frameworks across Microsoft 365, Azure, and hybrid environments. The SME will act as their trusted advisor for data governance and compliance automation, ensuring alignment with corporate and regulatory requirements.

Role Highlights:

Strategy & Governance

• Define and implement data governance and compliance strategy using Microsoft Purview.
• Establish data classification frameworks, sensitivity labeling standards, and data lifecycle management policies.
• Develop governance dashboards and metrics to measure policy adherence and data risk posture.
• Ensure alignment with enterprise architecture, security, and compliance frameworks (e.g., TOGAF, ISO 27001, POPIA, GDPR).

Solution Design & Implementation

• Design, configure, and deploy Purview Data Map, Data Catalog, and Data Lineage solutions.
• Implement Information Protection and DLP policies for Microsoft 365 and endpoints.
• Integrate Purview with Azure Information Protection, Defender for Cloud Apps, Sentinel, and Entra ID.
• Enable multi-cloud and hybrid data source connectors.
• Create data scanning rules and classifiers to automatically identify sensitive data types.

Compliance & Risk Management

• Manage Compliance Manager, eDiscovery, and Insider Risk configurations.
• Develop and maintain assessment templates for compliance frameworks.
• Monitor risk trends, generate insights, and present mitigation recommendations.
• Support Data Protection Impact Assessment (DPIAs) and Data Subject Request (SRs) through Purview.
• Drive automation of evidence collection for audit readiness.

Continuous Improvement & Enablement

• Define best practices, operating procedures, and governance playbooks for Purview adoption.
• Conduct workshops and training sessions for data owners, IT, and compliance teams.
• Collaborate with architects and engineers to integrate Purview insights into business workflows.
• Stay current with Microsoft roadmap updates and compliance capabilities.

Technical Integration

• Oversee API-based integration with third-party SIEM, GRC, or data security platforms.
• Ensure Purview's compatibility with Defender for Endpoint, MIP SDK, and Microsoft Graph.
• Participate in architecture reviews to ensure secure and compliant design patterns.

Required Skills and Experience:

Technical Expertise

• 5–8 years of experience in Microsoft Information Protection, Compliance, or Data Governance.
• Hands-on experience configuring and managing Purview (Data Map, Catalog, DLP, Information Protection, Compliance Manager, etc.).
• Strong knowledge of data classification models, governance frameworks, and regulations (POPIA, GDPR, ISO 27001, NIST, SOC2).
• Experience with multi-cloud governance (Azure, AWS, Google) and hybrid data architectures.

Soft Skills

• Strong stakeholder management and executive communication skills.
• Ability to translate complex regulatory requirements into technical configurations.
• Analytical mindset and strong problem-solving skills.
• Excellent documentation and reporting capabilities.
• Comfortable leading workshops and cross-functional governance forums.

Qualifications

• Bachelor's Degree in Information Systems, Computer Science, or equivalent.

Preferred Certifications:

• Microsoft Certified: Information Protection Administrator Associate

• Microsoft Certified: Security Operations Analyst Associate

• Microsoft Certified: Compliance Administrator Associate

• TOGAF or COBIT certification (advantage)

• CISM / CISSP / ISO 27001 Lead Implementer (advantage)

Key Deliverables

• Enterprise-wide Purview implementation roadmap.
• Data classification and sensitivity labeling framework.
• Active DLP, eDiscovery, and insider risk policies.
• Governance dashboards and reporting metrics.
• Continuous improvement plan for data compliance maturity.

Environment

• Hybrid Cloud (M365, Azure, SAP, AWS)
• Tools Ecosystem: Microsoft Purview, Sentinel, XDR- Micro Trend, ServiceNow GRC, Power BI

Applications should be emailed to

The IT Service Management Consultant – Subject Matter Expert (SME) is accountable for leading ITSM consulting engagements, delivering value-driven improvement initiatives, and guiding clients through transformation programmes that align people, process, and technology. This role requires both depth in ITSM frameworks (ITIL, COBIT, ISO/IEC 2000, SIAM, Agile, DevOps) and breadth in applying them to drive measurable business results. The Consultant acts as a trusted advisor, thought leader, and implementation specialist across multiple sectors.

KEY RESPONSIBILITIES

· Lead and manage ITSM-driven transformation and improvement projects for Pink Elephant clients.

· Conduct process maturity and capability assessments using frameworks such as ITIL, COBIT, ISO/IEC 2000, and CMMI.

· Design strategic roadmaps and implementation programmes aligned to client objectives and Pink Elephant's consulting methodologies.

· Facilitate executive and operational workshops, enabling clients to define and execute their service management strategies.

· Advise clients on governance, service design, automation, and experience management (XLAs).

· Support pre-sales activities, proposal development, and client solution design in collaboration with Sales and Technology teams.

· Contribute to Pink Elephant's thought leadership through content creation, webinars, and participation in industry events.

· Actively support the Pink Elephant corporate strategy, promoting collaboration across divisions and maintaining high-quality delivery standards.

· Ensure client satisfaction, delivery excellence, and achievement of agreed project KPIs and utilisation targets.

PROFESSIONAL / TECHNICAL EXPERTISE

Essential

o  Graduate qualification or equivalent industry experience.

o  ITIL 4 Managing Professional (or ITIL Expert v3 equivalent).

o  5–8 years' experience in ITSM consulting, advisory, or transformation roles.

o  Proven record of leading ITSM process improvement or implementation projects.

o  Strong knowledge of ITIL, COBIT, ISO/IEC 2000, SIAM, Agile, and DevOps.

o  Excellent facilitation, presentation, and communication skills.

o  Full clean driving licence and own transport.

o  Willingness to travel across South Africa and the African continent.

Desirable

o  Certifications in PRINCE2, AgilePM, PMP, COBIT 5, ISO/IEC 27001, or DevOps.

o  Experience with ITSM and automation platforms (e.g. HaloITSM, Servicely AI, ServiceNow, Freshservice).

o  Experience contributing to industry forums, conferences, or publications.

KEY IMPACT AREAS

· Delivery excellence and client satisfaction.

· Quality of consulting outputs and recommendations.

· Thought leadership and contribution to Pink Elephant's brand reputation.

· Growth of new and existing client relationships.

· Achievement of personal and team KPIs and utilisation targets.

WHY JOIN PINK ELEPHANT

At Pink Elephant South Africa, you'll collaborate with some of the most respected professionals in the ITSM field, working on innovative transformation programmes that shape the digital future of service management. Join us and be part of a team recognised as Leaders in Next-Gen Service Management.

The IT Service Management Consultant – Subject Matter Expert (SME) is accountable for leading ITSM consulting engagements, delivering value-driven improvement initiatives, and guiding clients through transformation programmes that align people, process, and technology. This role requires both depth in ITSM frameworks (ITIL, COBIT, ISO/IEC 2000, SIAM, Agile, DevOps) and breadth in applying them to drive measurable business results. The Consultant acts as a trusted advisor, thought leader, and implementation specialist across multiple sectors.

Key Responsibilities

· Lead and manage ITSM-driven transformation and improvement projects for Pink Elephant clients.

· Conduct process maturity and capability assessments using frameworks such as ITIL, COBIT, ISO/IEC 2000, and CMMI.

· Design strategic roadmaps and implementation programmes aligned to client objectives and Pink Elephant's consulting methodologies.

· Facilitate executive and operational workshops, enabling clients to define and execute their service management strategies.

· Advise clients on governance, service design, automation, and experience management (XLAs).

· Support pre-sales activities, proposal development, and client solution design in collaboration with Sales and Technology teams.

· Contribute to Pink Elephant's thought leadership through content creation, webinars, and participation in industry events.

· Actively support the Pink Elephant corporate strategy, promoting collaboration across divisions and maintaining high-quality delivery standards.

· Ensure client satisfaction, delivery excellence, and achievement of agreed project KPIs and utilisation targets.

Professional / Technical Expertise

· Essential

o Graduate qualification or equivalent industry experience.

o ITIL 4 Managing Professional (or ITIL Expert v3 equivalent).

o 5–8 years' experience in ITSM consulting, advisory, or transformation roles.

o Proven record of leading ITSM process improvement or implementation projects.

o Strong knowledge of ITIL, COBIT, ISO/IEC 2000, SIAM, Agile, and DevOps.

o Excellent facilitation, presentation, and communication skills.

o Full clean driving licence and own transport.

o Willingness to travel across South Africa and the African continent.

· Desirable

o Certifications in PRINCE2, AgilePM, PMP, COBIT 5, ISO/IEC 27001, or DevOps.

o Experience with ITSM and automation platforms (e.g. HaloITSM, Servicely AI, ServiceNow, Freshservice).

o Experience contributing to industry forums, conferences, or publications.

Key Impact Areas

· Delivery excellence and client satisfaction.

· Quality of consulting outputs and recommendations.

· Thought leadership and contribution to Pink Elephant's brand reputation.

· Growth of new and existing client relationships.

· Achievement of personal and team KPIs and utilisation targets.

Why Join Pink Elephant

At Pink Elephant South Africa, you'll collaborate with some of the most respected professionals in the ITSM field, working on innovative transformation programmes that shape the digital future of service management. Join us and be part of a team recognised as Leaders in Next-Gen Service Management.

Job Types: Full-time, Permanent

Application Question(s):

• What is your total current salary?
• What is your expected total salary?
• Are you permanently/contract basis employed or unemployed?
• What is your notice period?

Work Location: In person

• Who we're looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.
• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.
• Where you'll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We're in the business of rewards and incentives, so we know a thing or two about the importance of giving back. We can't grow as a business without growing as individuals, so we are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn - only by working as a team will we reach our goals.

We're the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

This role will be responsible for:

• ISMS Ownership & Audit Readiness

• Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

• Coordinate and lead internal audits (quarterly for TZ) and external certification audits.
• Write up audit findings and risk reports for SLT and the Board.
• Monitor ISMS KPIs and compliance metrics .

• Risk Management

• Own the company-wide risk register and associated documentation (excluding the risk framework itself).

• Support teams in identifying, assessing, and documenting risks.
• Track and ensure timely implementation of Risk Treatment Plans.
• Monitor and report on key risk metrics.

• Incident & Corrective Action Management

• Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

• Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

• Maintain and develop ISO 27001-compliant security policies (non-Engineering).

• Coordinate business-wide security awareness training (e.g., KnowBe4).
• Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

• Complete InfoSec and risk sections of client due diligence questionnaires.

• Support the development of a Trust Centre to streamline security responses.

What we're looking for

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.
• A strong understanding of risk frameworks, internal controls, and compliance management.
• Experience with audit coordination and ISMS documentation.
• The ability to translate technical and regulatory language into business-friendly advice.
• Working knowledge of privacy, AML, and business continuity requirements.
• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).
• Exceptional communication, reporting and organisational skills.

Benefits

We offer all our employees trust and empower our team to work with flexibility and autonomy. We're a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum
• Retirement Fund (5%)
• Health insurance contribution
• Employee Incentive Scheme
• Hybrid Working
• Top spec equipment including laptop, mouse, keyboard, monitor
• Anniversary gifts
• Monthly breakfasts, drinks, snacks and events
• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world's leading businesses.

Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation.

If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

Information Security Analyst

Acacium Group – Woodstock, Cape Town

Permanent, Full Time

Salary: R35 000 per month plus amazing benefits

Unlock Your Potential

Are you a technically minded individual with a passion for cybersecurity? Are you eager to grow and develop within a global organisation?

This is an excellent entry-level opportunity to launch your career in Information Security.

As an Information Security Analyst, you will play a key role in supporting our security operations and governance frameworks. You'll work closely with both technical teams—such as Infrastructure, Service Delivery, and Application Management—and non-technical teams including Legal, Compliance, HR, Audit, and Risk. You'll also engage with end users to promote best practices and ensure ongoing compliance across the organisation.

Every Day, You Will…

• Conduct threat hunting activities to proactively identify and mitigate risks.
• Assist in security incident management, including triaging alerts and coordinating responses.
• Support regular reviews of suppliers, project risks, and user access.
• Help update IT security policies and practices.
• Deliver and assess IT Security & Cyber Awareness training, audits, and testing.
• Contribute to maintaining compliance with standards like ISO 27001, Cyber Essentials Plus, NHS DSP Toolkit, and GDPR.
• Compile monthly and quarterly security reports.
• Assist in cyber incident response and business continuity efforts.

What's In It For You?

• Hands-on technical training and exposure to a wide range of systems
• Opportunities to earn certifications in the Information Security field
• Access to senior stakeholders and involvement in impactful corporate projects
• Mentorship from experienced professionals to guide your development
• A strong focus on your career growth, with the tools, support, and guidance to help you thrive
• Unmatched career progression, thanks to being part of a global group spanning healthcare, staffing, and life sciences
• Exciting events and incentives, both locally and across the wider group
• Employer contributions to medical aid
• Subsidised transport options

Join Us and Make a Difference

Acacium Group is a global healthcare solutions partner offering staffing, managed services, and innovative delivery models to health and social care systems and the life sciences industry. We are powered by the best people and have an unrivalled and diverse range of capabilities, all while incorporating our company values into everything we do:

Putting People First, Always by Your Side, Driven by Excellence.

Join us and play a key part in shaping the future of society and improving people's lives

To Thrive in This Role, You Must Have…

• A positive, logical, and proactive approach to problem-solving
• Strong organisational and time management skills
• The ability to prioritise tasks and deliver high-quality outcomes
• Clear written communication skills, especially when creating technical documentation for non-technical audiences
• The ability to identify and manage risks within the business and Information Security framework
• Confidence and strong verbal communication skills
• CompTIA Security+
• Microsoft Security Operations Analyst

Employment Equity

The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.

Designation:

Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category:

Information Technology

Job Level:

Professionally qualified and experienced specialists and mid-management

Posted by:

PSG Financial Services

Posted on:

03 Oct 2025

Reference Number:

POS08450

Closing date:

30-Oct-2025

Position Type:

Permanent

Location:

Waterfall Magwa Crescent

Overview:

VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT

PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit