213 Senior Security Manager jobs in South Africa

• Who we're looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.
• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.
• Where you'll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We're in the business of rewards and incentives, so we know a thing or two about the importance of giving back. We can't grow as a business without growing as individuals, so we are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn - only by working as a team will we reach our goals.

We're the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

This role will be responsible for:

• ISMS Ownership & Audit Readiness

• Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

• Coordinate and lead internal audits (quarterly for TZ) and external certification audits.
• Write up audit findings and risk reports for SLT and the Board.
• Monitor ISMS KPIs and compliance metrics .

• Risk Management

• Own the company-wide risk register and associated documentation (excluding the risk framework itself).

• Support teams in identifying, assessing, and documenting risks.
• Track and ensure timely implementation of Risk Treatment Plans.
• Monitor and report on key risk metrics.

• Incident & Corrective Action Management

• Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

• Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

• Maintain and develop ISO 27001-compliant security policies (non-Engineering).

• Coordinate business-wide security awareness training (e.g., KnowBe4).
• Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

• Complete InfoSec and risk sections of client due diligence questionnaires.

• Support the development of a Trust Centre to streamline security responses.

What we're looking for

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.
• A strong understanding of risk frameworks, internal controls, and compliance management.
• Experience with audit coordination and ISMS documentation.
• The ability to translate technical and regulatory language into business-friendly advice.
• Working knowledge of privacy, AML, and business continuity requirements.
• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).
• Exceptional communication, reporting and organisational skills.

Benefits

We offer all our employees trust and empower our team to work with flexibility and autonomy. We're a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum
• Retirement Fund (5%)
• Health insurance contribution
• Employee Incentive Scheme
• Hybrid Working
• Top spec equipment including laptop, mouse, keyboard, monitor
• Anniversary gifts
• Monthly breakfasts, drinks, snacks and events
• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world's leading businesses.

Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation.

If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

Designation: Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category: Information Technology

Job Level: Professionally qualified and experienced specialists and mid-management

Posted by: PSG Financial Services

Posted on: 03 Oct 2025

Reference Number: POS08450

Closing date: 30-Oct-2025

Position Type: Permanent

Location: Waterfall Magwa Crescent

Overview
VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT
PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

Job Description
The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

*Responsibilities:
Strategic Leadership & Governance *

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

*Architecture & Identity Management *

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

*Security Operations *

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

*Financial Management *

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

*Cyber Security Operations Center (SOC) Oversight *

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

*Security Technology Lifecycle Management *

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

*Risk Management & Compliance *

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

*Awareness, Education & Training *

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

*Team Leadership & Culture *

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

*Reporting *

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

*Minimum requirements: *

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

*Experience in the following technologies and concepts: *

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

*Competencies required: *

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

*How to apply: *
Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies .

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit

Role Overview

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.
• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.
• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

Role Overview:

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

Key Responsibilities:

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.
  
  

Qualifications & Experience:

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.

• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.

• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

Position: Security Manager

Salary: Market related

Location: Boksburg

Job type: Permanent

Industry: Trading and Distribution

Our client is a trader, recycler and distributor of scrap metal with operations in Foundry, Scrap Metal, Logistics, Clearing and Forwarding. They are looking for a Security Manager to join their team as soon as possible. This position is based in Boksburg, Gauteng.

• Develop, implement, and maintain comprehensive security policies, procedures, and protocols to safeguard company and client assets.
• Conduct regular risk assessments to identify security vulnerabilities and potential threats; develop and implement risk mitigation strategies.
• Oversee the recruitment, training, and supervision of a security team of 80–100 personnel, including armed and unarmed guards, ensuring compliance with company standards and legal regulations.
• Manage the daily operations of a 24-hour security function, including shift scheduling, deployment, performance monitoring, and incident response coordination.
• Supervise and control all aspects of armed guard operations, including vetting, licensing, deployment, and compliance with legal and safety requirements.
• Administer the issuance, maintenance, and secure storage of company firearms, ensuring all relevant firearm permits, competency certifications, and records are up to date and comply with regulatory requirements.
• Monitor and manage security technology infrastructure, including CCTV surveillance systems, access control, alarms, and other security systems.
• Manage the overall security budget and procurement of equipment and services while ensuring cost-efficiency and compliance with financial protocols.
• Ensure the organization adheres to all applicable laws, regulations, and standards related to occupational health, safety, privacy, and security.
• Develop and deliver ongoing security training and awareness programs for all staff to enhance incident preparedness and compliance.
• Prepare and present comprehensive reports on security operations, incidents, and key metrics to senior management and stakeholders.
• Act as the primary liaison with internal departments, external vendors, law enforcement agencies, and regulatory authorities in all matters related to security operations and investigations.

• Matric
• Relevant security management certification or diploma (e.g. PSIRA Grade A, Security Management, Risk Management, etc.).
• Valid firearm competency certificate (Business Purposes) and knowledge of the Firearms Control Act.
• First Aid, Firefighting, or Health and Safety training will be an advantage.

• 5–10 years of security management experience, preferably within a high-risk or large-scale environment (industrial, corporate, or government sectors).
• Proven experience in managing a large security workforce (80–100+ staff), including armed security personnel.
• Strong background in firearm management, including compliance with relevant firearms legislation, licensing, issuance, and safe handling/storage procedures.
• Experience overseeing 24-hour operations with multiple shifts, including rostering, supervision, and rapid response coordination.
• Demonstrated experience in risk assessment, incident investigation, and crisis management.
• Driver’s license and own reliable transport
• Leadership & Team Management – Ability to lead, motivate, and discipline a large and diverse team of security staff.
• Regulatory Compliance – In-depth knowledge of local laws and regulations related to private security, firearm control, and occupational safety.
• Operational Planning – Competence in managing complex, multi-site or 24-hour security operations with a focus on efficiency and risk reduction.
• Technical Proficiency – Familiarity with modern security systems and technologies including CCTV, access control, alarms, and radio communications.
• Communication & Reporting – Excellent verbal and written communication skills, including report writing and stakeholder engagement.
• Decision-Making – Strong analytical and problem-solving skills; ability to make sound decisions under pressure.
• Training & Development – Experience developing and delivering security training programs and conducting drills.
• Integrity & Professionalism – High standards of ethics, confidentiality, and professionalism.

Please note that only shortlisted candidates will be contacted. We endeavour to reply to each and every application, however, should you not hear back from us within 14 days please consider your application unsuccessful.

By applying for this position, you confirm that the information you have provided is true, correct and up to date.

The Security Manager’s primary purpose is to provide management support within the Security department. The incumbent will lead and support the team to ensure compliance with business processes and contribute to performance improvement within the Security division.

Responsibilities

• Identify and mitigate risks
• Control room management
• Conduct risk assessments and implement preventative measures
• Visit satellite branches on a daily basis to identify possible security risk
• Daily risk assessments and evaluations of branches
• Manage on site security staff
• Manage and escort of customers with Non-ferrous loads to and from Epping
• Management of Risk within Transport and fleet management
• Risk auditing and reporting
• Develop a network of intelligence to identify high loss areas and implement corrective actions
• Ensure that correct standard operating procedures are adhered to

QUALIFYING EXPERIENCE

• Grade 12 certificate or equivalent
• 5-8 years supervisory experience
• Code 8 Driver's License with valid and reliable vehicle
• Knowledge of security management
• Willingness to work overtime and night shift as and when required
• Previous experience in a physically demanding mining or production working environment would be advantageous

QUALIFYING ATTRIBUTES

• Committed, hardworking and self-motivated
• Strong interpersonal skills
• Ability to work under challenging conditions
• Sound communication skills (understand, read and write English)
• Must be prepared to work overtime when required
• Time management and organizational skills
• Display a professional work approach
• Ability to work independently and within a team
• Excellent standards in execution

Other Information

• Reporting to National Security Manager
• Job Type: Permanent Position
• Standard hours: (07h30–17h00: Monday – Thursday) & (07h30–16h00: Friday)
• May be required to work overtime as per operational requirements
• Salary: We offer a highly competitive package depending on the extent of the applicant’s qualifications and experience.
• Benefits include:
  • Provident Fund
  • Life cover at 4 X annual salary
  • Funeral cover
  • 15 X paid leave days per annum
  • Medical aid – Hospital Plan with Discovery Health
  • Long service leave after five years of employment

We are an equal opportunities employer and welcome applications from all qualified candidates. External candidates are encouraged to apply for this vacancy by no later than Thursday 09 October 2025.

Please note that the successful candidate will receive a formal, written offer of employment after all applicable pre-employment checks have been completed.

Definition
The security manager is primarily responsible for overseeing the company security and safety functions for employees and clients. The Security Manager will be responsible for strategic planning, organizing, communications and interface with management, employees and law enforcement. The position includes supervising of security team members and assistance with scheduling and personnel issues.

Education and Qualification Requirements:
Minimum Requirements:

1. Grade 12, N3 or relevant NQF level 4 qualification.
2. Bachelor’s Degree in Security or Risk Management or recognised equivalent.
3. Registration with the South African Institute of Security.
4. PSIRA Grade A-registered and accredited.
5. SAPS firearm competency will be advantageous.
6. Valid EB/Code 8 Drivers License
7. Minimum 10 years’ experience in the security discipline, of which five (5) years should have been at senior management level within the diamond mining security environment.
8. A comprehensive understanding of the security function gained through formal education and complemented with practical experience as a security professional.
9. A sound understanding and skills in terms of business focused security solutions that are pragmatic and innovative.
10. A thorough understanding of mining and processing environments that enables and supports the proactive identification of vulnerabilities that could be exploited by those with criminal intent.
11. Good knowledge and understanding of methodologies relating to physical, electronic and information security, and other security technologies.
12. Extensive experience in conducting forensic investigations and managing and analysing electronic case management databases.
13. Specialist experience in research of organised crime groupings, information gathering and analysis processes and analysis and interrogation of systems data.
14. Specialist experience in understanding and recognising criminal incident behaviour, suspect profiling and identification of organised crime threats.
15. Experience in operating a variety of industry standard analytical tools for effective analyses of data.
16. Been accountable for managing departmental budgets and conducted business planning process and resource allocation.
17. A proven record of building relationships and establishing commitment across a range of stakeholders, internal and external to the organisation.
18. Led and motivated teams of people in a commercial environment and had inputs into their personal and career development through coaching and mentoring.
19. Managed and implemented new ways of working and established effectiveness improvements.

Skills Required:
• Knowledge of relevant legislation
• Proven track record in Security management or equivalent environment
• Sound management and leadership skills
• Experience in security and/or enterprise risk management
• Knowledge of security related legislation/policies/procedures/standards and the VPSHR and industry legislation
• Advanced knowledge of product security business processes and loss prevention strategies
• Competence in functional security systems used in the business.
• Outstanding analytical, strategic thinking and risk management skills.
• Must have demonstrable crime information management and criminal investigations acumen.
• In-depth knowledge of database types, data modelling, data mining, data warehousing, business intelligence / data visualization tools.
• Strong problem-solving capability and the sustainment of inquisitiveness.
• Ability to effectively handle conflict, give and take constructive criticism and have a strong persuasive impact on others.
• Good communication and influencing skills to drive change at all levels within the operation.
• Strong financial acumen and analytical ability to identify and assess exposure to risks and to examine alternative risk control techniques.
• Strong strategic and operational planning, decision-making and organisational skills.
• Project management skills
• Knowledge of applicable business communication and business report writing
• Ability to be a great mentor and coach and to build capacity aligned to group strategy within the security function.
• Crisis Management
• Cultural Diversity
• Emergency preparedness and response
• Emotional intelligence
• Computer literacy (MS Office package)
Key Duties / Responsibilities:
• Co-ordination, management, supervision and advice to sites’ Senior Management on effective security management systems and solutions, within the business scope.
• Ensure that threats to personnel, assets, and business operations/activities within each site are properly identified, evaluated and mitigated in a timely and cost-effective manner.
• Secure personnel, properties and assets from internal and external security breaches as well as co-ordinate the activities of 3rd Party Security Contractors.
• Ensure a hands-on ownership of security solutions within operations across all sites.
• Support an effective Zone Control Room that is geared for both monitoring as well as Incident response.
• Drive standardization across all sites
• Ensure compliance with Company Site Security Standards

Main Accountabilities

• Advise management on any specific threats to company personnel, assets & information and business operations/activities as they become known.
• Ensuring implementation of security policy, approved security plans and procedures and revising them where necessary.
• In conjunction with the respective business Executive Teams, develop and implement security awareness programs or processes and to protect life, corporate assets and to ensure business continuity.
• Devising and coordinating appropriate security training for security personnel & other nominated personnel.
• Managing effective investigations on detected and reported breaches of security and security incidents.
• Provide briefings for all staff/visitors on security issues on the security situation in the province.
• Advise on the development and strategy for technical projects involving the sites, including security technology, equipment requirements and simplification processes.
• Support leadership’s response to business disruptions and crisis situations.
• Initiate and co-ordinate an immediate response to security incidents where there is a threat to Company employees and assets so as to ensure minimized loss or injury. If necessary, to respond personally to these threats.
• Ensure safety and security of employees whilst on Company premises.
• Report all incidents to respective stake holders.
• Liaise with and develop relationships with various Law Enforcement & Emergency Services in the event of a security incident/emergency (i.e. fire, medical, mechanical breakdown) and to ensure timely reaction to incidents.
• Ensure availability of highly trained security personnel to implement contingency plans effectively.
• Ensuring security reports are submitted on time.
• Manage and transact on all mandatory reporting systems.
• Participate and guide security associated committee on their functions and focus areas.
• Manage constant synergy between business controls and security controls so that internal loss threats, are effectively mitigated.
• Effectively audit, maintain and guide contracted security guards in terms of fit for purpose performance and adherence/compliance with agreed SLA’s.
• Manage the key focus areas as per Group Security Directives inclusive of protection and securing of personnel, assets and processes.
• Ensure the execution of the approved Site Security Plans.