43 Senior Security Analyst jobs in Johannesburg

• Manage and resolve firewall-related tickets efficiently.
• Add, modify, and optimize firewall rules in line with security best practices.
• Configure Palo Alto firewalls confidently and effectively.
• Implement secure changes without disrupting business operations.
• Monitor and analyze security systems to proactively prevent breaches.
  
  
  

• Palo Alto Certification (essential).
• Proven experience managing and configuring Palo Alto firewalls.
• Strong understanding of firewall rule creation and security change management.
• Familiarity with common security protocols and network monitoring tools.
• Excellent troubleshooting and analytical skills.
  
  
  

• Experience working with Checkpoint firewalls.
• Exposure to other enterprise security solutions.
  
  
  

• 100% remote work operate from anywhere in South Africa.
• Competitive salary aligned with experience.
• Join a dynamic, security-focused team with cutting-edge tools and projects.
  

InfyStrat is seeking a motivated Cyber Security Analyst to join our team and contribute to our mission of safeguarding our digital assets and infrastructure. In this role, you will monitor, detect, and respond to security threats, vulnerabilities, and incidents across our systems. You'll perform risk assessments, analyze security breaches, and provide remediation recommendations while collaborating with various teams to enhance our security posture. This is a fantastic opportunity to grow your skills in a fast-paced environment while playing a critical role in protecting our organization from cyber threats.

• Monitor security alerts and events from various sources, including SIEM tools, to identify and respond to security threats.
• Conduct thorough investigations of security incidents, documenting findings and coordinating response actions.
• Assist in the development and implementation of security policies, procedures, and guidelines to protect sensitive information.
• Perform vulnerability assessments and penetration testing to identify security weaknesses.
• Analyze trends and patterns in security incidents and provide recommendations for improving defense mechanisms.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
• Work with IT and development teams to ensure secure configurations and practices across all systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2+ years of experience in cybersecurity, information security, or a related role.
• Strong understanding of security principles, concepts, and technologies.
• Experience with security monitoring tools, SIEM platforms, and incident response procedures.
• Familiarity with network security, firewalls, intrusion detection/prevention systems, and secure coding practices.
• Knowledge of security frameworks and regulatory standards (e.g., NIST, ISO 27001, GDPR).
• Strong analytical and problem-solving skills, with attention to detail.
• Excellent communication skills to effectively collaborate with cross-functional teams.
• CERT, CISSP, CISM, or equivalent security certifications are a plus.

Cloud Security Analyst Key Responsibilities

• Implement, manage, and monitor cloud security controls (IAM, RBAC, MFA, encryption, auditing).
• Design and enforce Identity & Access Management (IAM) and Role-Based Access Controls (RBAC) across cloud infrastructure.
• Configure and maintain encryption standards (TLS, AES-256) for data in transit and at rest.
• Conduct regular audits, penetration tests, and monitoring to identify vulnerabilities.
• Ensure compliance with security frameworks and standards (ISO 27001, NIST, SOC2, GDPR, POPIA).
• Implement cloud monitoring tools for threat detection and incident response.
• Collaborate with DevOps/Cloud Engineers to embed security into CI/CD pipelines (shift-left security).
• Prepare and deliver security assessment reports for leadership and compliance teams.
• Stay updated on evolving cloud security risks, tools, and industry trends.

• Minimum 5 years experience in Cloud Security, Information Security, or Cybersecurity.
• Strong knowledge of cloud security best practices (AWS, Azure, or GCP preferred).
• Expertise in IAM, RBAC, and MFA solutions.
• Hands-on experience with encryption protocols (TLS, AES-256).
• Solid understanding of audit processes and compliance frameworks .
• Proficiency with monitoring and security tools (SIEM, CloudTrail, Azure Sentinel, Splunk, etc.).
• Knowledge of container security and serverless environment security.
• Relevant certifications advantageous (CCSP, CISSP, CISM, Microsoft/Azure Security, AWS Security).

ENVIRONMENT

A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Red Team Penetration Tester /Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analysing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.

• Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
• Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
• Conduct network penetration tests
• Conduct application penetration tests (web and thick client)
• Conduct wireless and mobile security assessments
• Conduct social engineering assessments
• Conduct physical security assessments
• Effectively communicate successes and obstacles with fellow team members and line managers
• Interface with client contact(s) and staff in a constructive and professional manner
• Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
• Utilise common vulnerability assessment and penetration testing tools

• Working as part of a Red Team and assisting with the following duties (but not limited to):
• Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
• Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
• Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
• Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
• Escalate privileges and maintain persistence
• Exfiltrate and / or complete objectives

• Research new vulnerabilities with a focus on high-profile products
• Understand the terminology and tactics employed by threat actors Research new attack methods

• Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
• Previous Red Team experience required

Security Analyst - Penetration Testing & Red Teaming

Johannesburg, South Africa

Job Openings Security Analyst - Penetration Testing & Red Teaming

Exciting Opportunity: Security Analyst: Penetration Testing & Red Teaming Specialist

Our client is looking for a talented Security Analyst who is ready to take on a variety of security assessments and grow their career in a high-energy, cutting-edge environment.

Responsibilities:

Penetration Testing:

• Collaborate within a team of experts to conduct vulnerability assessments and penetration tests across a wide range of technologies.
• Assess network, application (web and thick client), mobile, wireless, social engineering, and physical security, using both automated and manual techniques.
• Engage with clients professionally to deliver insights and constructive feedback, ensuring their security needs are met.
• Dive deep into security topics like network, database, and application security, developing your expertise along the way.
• Leverage your skills with penetration testing tools to uncover vulnerabilities and improve security measures.

Red Teaming:

• Become part of an elite Red Team, focusing on reconnaissance using open-source intelligence (OSINT) to gather actionable data.
• Take the lead in compromising systems by identifying vulnerabilities in people, processes, and technology.
• Develop and deploy command-and-control servers and custom payloads, establishing persistence within target environments.
• Evolve your craft by creating new tools, techniques, and procedures to avoid detection by defenders.
• Work on escalation, maintaining long-term access to compromised networks, and exfiltrating critical data.

Research and Development:

• Stay ahead of the curve by researching and identifying new vulnerabilities, focusing on high-profile products and systems.
• Understand and analyze the latest tactics used by threat actors to craft innovative security strategies.
• Develop and refine attack methodologies that will be used to strengthen future defensive efforts.

Requirements:

Experience:

• 2-5 years' hands-on Penetration Testing, including a strong background in network, mobile, web, and wireless security assessments.
• Strong understanding of common vulnerability assessment and penetration testing tools.
• Ability to think critically and creatively to solve complex security challenges.
• Strong communication skills for both internal collaboration and client-facing interactions.
• Passion for continuous learning and staying updated on the latest in cybersecurity.