160 Threat Detection jobs in South Africa

Introduction

Through our client-facing brands Metropolitan and Momentum, with Multiply (wellness and rewards program), and our other specialist brands, including Guardrisk and Eris Property Group, the group enables business and people from all walks of life to achieve their financial goals and life aspirations.We help people grow their savings, protect what matters to them and invest for the future. We help companies and organization's care for and reward their employees and members. Through our own network of advisers or via independent brokers and utilising new platforms Momentum Metropolitan provides practical financial solutions for people, communities, and businesses. Visit us at

Disclaimer

As an applicant, please verify the legitimacy of this job advert on our company career page.

Role Purpose

This position is responsible for performing various tasks. This role is also required to conduct ongoing research in the IT security arena and regularly assist in the sales process.The ideal candidate will be responsible for conducting comprehensive penetration tests, identifying vulnerabilities, and providing recommendations to improve security posture. The ideal candidate must have experience in all forms of complex technical security assessments of clients' information technology systems (including the Internet, Intranet, applications, hosts, firewalls, mobile applications, etc.) and related policies and procedures. They must be highly motivated and have a good command of industry best practices.

Requirements

• 5+ years of experience in penetration testing, vulnerability assessment, or a related field.

• Deep knowledge of security testing methodologies and frameworks (OWASP, NIST, etc.).

• Proficiency with advanced penetration testing tools such as Metasploit, Burp Suite, Nessus, Nmap, etc.

• Strong scripting skills (Python, Bash, PowerShell, etc.) for automating security tasks.

• In-depth understanding of network protocols, operating systems, web technologies, and cloud environments.

• CISSP and CEH certification preferred.

• OSCP, OSEP, CCSP, CRTE, CRTP, or CRTO certification or equivalent is an advantage.

Duties & Responsibilities

• Lead and conduct comprehensive penetration tests on networks, applications, and systems to identify security weaknesses.

• Develop and implement advanced security test plans, scenarios, and scripts.

• Perform in-depth vulnerability assessments and security analysis using both automated tools and manual techniques.

• Document and report security findings, providing actionable insights to clients and detailed recommendations for remediation.

• Collaborate with cross-functional teams to prioritize and resolve security vulnerabilities.

• Research and stay current with emerging security threats, vulnerabilities, and technology trends.

• Participate in security incident response activities when required.

• Assist in the development and refinement of security policies, procedures, and standards.

• Provide training, guidance, and mentorship to junior penetration testers and other security staff.

• Perform security assessments, including application scans (using tools such as Nessus, Burp Suite) and code reviews, to ensure compliance with Momentum Group's SDLC policies.

• Participate in a variety of other internal security projects and information security activities as required.

Competencies

• Strong knowledge of OWASP Top 10 vulnerabilities and how to exploit/mitigate them.

• Excellent technical writing skills for creating detailed assessment reports.

• Self-driven, motivated, independent yet communicative and collaborative.

• Ability to work unsupervised in a remote capacity and deliver results.

• Good organizational skills and time management; ability to resolve conflicts, prioritize tasks, and follow quality benchmarks.

• Strong verbal communication skills for presenting findings to technical and non-technical stakeholders.

• Demonstrate a strong ability to engage with various stakeholders, have a team-based approach, and work towards shared goals and outcomes.

• Ability to think outside the box and a passion to improve your skills and drive innovation.

Company Description

INTERCERT is a multinational company headquartered in Texas, USA, operating in over 28 countries. Founded in 2009, INTERCERT is dedicated to building a secure and sustainable world through customer-centric services. We are accredited by leading organizations, including America's accreditation board under IAF for ISO Certification Services, Cloud Security Alliance for CSA STAR Certification services, AICPA CPA Firm for SOC1 & SOC2 Audit Attestation and CREST accreditation for PEN Testing Services. Our services also encompass CMMC, PCI DSS Certification, and Data Protection compliance for standards such as GDPR, HIPAA, and Cybersecurity frameworks. With a team of over 150 experienced assessors, we deliver global assessment services with a focus on compliance and excellence.

Role Description

This is a full-time, on-site role for an Information Security Analyst / Interns at INTERCERT INC., located in South Africa. The Information Security Analyst / Intern will be responsible for day-to-day tasks such as assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Qualifications

Bachelor's Degree or equivalent focused on Information
Security/Cybersecurity

Experience Level

0-6 months

Roles and Responsibilities

Assist with the planning and execution of GRC audits such as ISO 27001, ISO 22301, ISO 27701, SOC2, GDPR etc.

Help assess the design and effectiveness of internal controls, including business and IT controls.

Prepare reports and documentation for external audits and communicate audit findings and recommendations.

Stay updated on evolving regulatory changes, industry standards, and best practices related to GRC, risk management, and auditing.

Overview

Nedbank, Johannesburg, Gauteng, South Africa

Position: Information Security Analyst II

Requisition Details & Talent Acquisition Specialist

REQ - Thembile Ndlovu

Closing Date: 03 September 2025

Available Roles: 2

Career Stream: IT Risk

Leadership Pipeline: Manage Self: Technical

To analyse information security related tasks within the ambit of existing information security policies, standards and processes, procedures and practices as well as business rules. Working independently to deliver on work tasks. Mentor Administrators and Analyst I. Collaborate with other specialists to execute analysis work tasks, perform operational tasks, question, recommend and update improvements to the existing policies, process and procedures. To ensure stability and up-time for areas the incumbent takes responsibility for, which could require availability on demand to perform job related duties outside of normal working hours.

• Capture timesheets timeously and accurately
• Capture claims timeously and accurately
• Propose solutions that must be cost effective whilst meeting information security requirements within budget.
• Participate in negotiations on fair pricing from vendors for new technologies procured.
• Manage and/or resolve low, medium and high incidents and engage with Specialists to resolve the high complexity incidents.
• Build relationships with stakeholders to facilitate the flow of knowledge, input and discussion on new products and solutions as required by stakeholders.
• Facilitate and manage the incident and problem management process when stakeholder environments are affected.
• Oversee the implementation of the information security changes and check for the shortcomings and risks.
• Interpret MIS and system logs/reports with the view to analyse and correct any deviations against standards and best practices.
• Participate in the implementation of new products as provided in the selection criteria.
• Act as the 1st point of problem resolution for non-routine incidents and 1st line support for problems.
• Ensure compliance to standards and practices by familiarizing and keeping abreast of information security policies, rules, standards and processes, procedures and practices as well as business rules.
• Document and maintain all relevant processes and procedures mindful of current policies and standards.
• Create and maintain information security standards.
• Oversee and monitor the information security environment according to set standards.
• Review and contribute to project documentation including business requirements, designs and implementation.
• Create design documentation according to relevant standards and practices
• Implement specific information security technologies.
• Gain further exposure and experience on multiple technologies by job shadowing Information Security Analysts III and Technical Specialist.
• Log, submit and implement low, medium and high risk changes independently.
• Provide guidance and supervision to Administrators and Analyst I on implementation and changes.
• Oversee and ensure change was successful in certain cases and when required perform unit testing.
• Oversee and ensure back-ups are done, documents are stored and statuses updated.
• Analyse logs and reports independently and provide supervision to Administrators and Analyst I.
• Monitor and action Service Manager low, medium and high impact incidents and emails related to Information Security.
• Ensure job related tasks and processes are in place.
• Ensure that the logging and submitting of all relevant incidents have taken place and resolve low, medium and high incidents.
• Conduct risk and root cause analyses around exceptions, queries, incidents as per operational procedures with the relevant internal and external stakeholders and provide feedback, confirm stakeholder satisfaction.
• Keep abreast of legislation and other industry changes that impacts on role by reading the relevant newsletters, websites and attending sessions.
• Improve personal capability and stay abreast of developments in field of expertise by identifying training courses and career progression opportunities for self through input and feedback from managers.
• Ensure information is provided correctly to stakeholders by maintaining knowledge sharing with team.
• Transfer of knowledge to team members.
• Identify and recommend opportunities to enhance processes, systems and policies and support implementation of new processes, policies and systems.

• Initial focus will be to implement Identity and Access Management (IAM), encryption, and network security in both Azure and AWS.
• Support and maintain both Azure and AWS across Infrastructure as Code, containers and applications pipelines.
• Very strong networking skills.
• Experience with multiple security technologies.
• Building relationships with I&O Teams.

• Matric / Grade 12 / National Senior Certificate
• Advanced Diplomas/National 1st Degrees

• Degree or certification in computer science or similar field
• Microsoft and AWS certifications: SC-200, SC-300, SC-400, Azure Security Engineer Associate, Azure Solutions Architect Expert, Cybersecurity Architect, and AWS certifications listed below

• AWS Certified Solutions Architect – Associate
• AWS Certified SysOps Administrator – Associate
• AWS Certified Solutions Architect – Professional
• AWS Certified DevOps Engineer – Professional
• Strong knowledge on Linux Operating System
• Strong knowledge on Linux Networks
• Strong knowledge in Linux virtualization
• Knowledge of scripting languages: Python, PowerShell, Bash, JavaScript/TypeScript, Terraform, YAML and JSON

• SABSA – Sherwood Applied Business Security Architecture would be preferable
• Good knowledge to ensure compliance with ISO 27001, GDPR, NIST and CSA guidelines

• At least 8 years in an IT environment of which at least 5 years in information security
• Cloud platform knowledge – AWS and Azure
• Networking knowledge – WAN, LAN and routing
• Low-level design documentation skills
• Knowledge of CSA, NIST and ISO frameworks
• Experience delivering high-quality design for cloud environments including Kubernetes and cloud PaaS services
• Experience working with large cross-functional teams
• Experience working in high pressure demanding environments

• Administrative procedures and systems
• Data analysis
• Governance, Risk and Controls
• Principles of project management
• Relevant regulatory knowledge
• Relevant software and systems knowledge
• Cluster Specific Operational Knowledge
• System Development Life Cycle (SDLC)
• TCP/IP
• Information Security terms and definitions
• Relevant Operating System
• Information Security policies and procedures
• Vendor Management Principles

• Applied Learning
• Communication
• Collaborating
• Customer Focus
• Initiating Action
• Managing Work
• Technical/Professional Knowledge and Skills

Contact: Nedbank Recruiting Team at

• Associate

• Full-time

• Information Technology

Referrals increase your chances of interviewing at Nedbank by 2x

Role Purpose

This position is responsible for performing various tasks. This role is also required to conduct ongoing research in the IT security arena and regularly assist in the sales process.The ideal candidate will be responsible for conducting comprehensive penetration tests, identifying vulnerabilities, and providing recommendations to improve security posture. The ideal candidate must have experience in all forms of complex technical security assessments of clients' information technology systems (including the Internet, Intranet, applications, hosts, firewalls, mobile applications, etc.) and related policies and procedures. They must be highly motivated and have a good command of industry best practices.

Requirements

• 5+ years of experience in penetration testing, vulnerability assessment, or a related field.
• Deep knowledge of security testing methodologies and frameworks (OWASP, NIST, etc.).
• Proficiency with advanced penetration testing tools such as Metasploit, Burp Suite, Nessus, Nmap, etc.
• Strong scripting skills (Python, Bash, PowerShell, etc.) for automating security tasks.
• In-depth understanding of network protocols, operating systems, web technologies, and cloud environments.
• CISSP and CEH certification preferred.
• OSCP, OSEP, CCSP, CRTE, CRTP, or CRTO certification or equivalent is an advantage.

Duties and Responsibilities

• Lead and conduct comprehensive penetration tests on networks, applications, and systems to identify security weaknesses.
• Develop and implement advanced security test plans, scenarios, and scripts.
• Perform in-depth vulnerability assessments and security analysis using both automated tools and manual techniques.
• Document and report security findings, providing actionable insights to clients and detailed recommendations for remediation.
• Collaborate with cross-functional teams to prioritize and resolve security vulnerabilities.
• Research and stay current with emerging security threats, vulnerabilities, and technology trends.
• Participate in security incident response activities when required.
• Assist in the development and refinement of security policies, procedures, and standards.
• Provide training, guidance, and mentorship to junior penetration testers and other security staff.
• Perform security assessments, including application scans (using tools such as Nessus, Burp Suite) and code reviews, to ensure compliance with Momentum Group's SDLC policies.
• Participate in a variety of other internal security projects and information security activities as required.

As an applicant, please verify the legitimacy of this job advert on our company career page

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.

The KPMG Africa Information Security Specialist is responsible for ensuring the confidentiality, integrity, and availability of all systems across KPMG Africa offices (South Africa, Botswana, Mauritius, Mozambique, Namibia, Zambia, Zimbabwe, Nigeria, Ghana, Kenya, Uganda, Tanzania, and Rwanda). The role involves actively managing and monitoring information security systems to detect, respond to, and remediate security risks and threats across the infrastructure.

4. Position Specifications

Educational Requirements (minimum necessary to perform the job):

• Professional / Tertiary qualification

Other Requirements:

Experience (minimum necessary):

Desired Qualifications and Experience:

• 3-5 years' experience in Information Technology Support or Information Security, including Microsoft Azure
• Industry-recognized certifications such as A+, N+, Security+, CySA+, and Cloud Security certifications like:

o Microsoft Certified: Security Operations Analyst Associate

o Microsoft Certified: Information Protection and Compliance Administrator Associate

o Microsoft Certified: Security, Compliance, and Identity Fundamentals

o Microsoft Certified: Identity & Access Management

o Microsoft Certified: Azure Security Engineer

• Professional certifications such as CISM, CISSP, ECIH are preferred but not required
• Strong knowledge of information security and cloud security concepts
• Experience in identifying, analyzing, and reporting on security risks and incidents
• Experience with security tools such as Qualys, Microsoft Defender Endpoint, Microsoft Sentinel, etc.
• Ability to evaluate vulnerabilities, develop mitigation strategies, and implement remediation
• Strong knowledge of operating systems, Microsoft Servers, Active Directory, and network protocols and technologies

5. Core Competencies:

• Attention to detail and accurate documentation
• Analytical skills to interpret information
• Ability to work independently and in a team
• Organizational and prioritization skills under pressure

6. Key Responsibilities & KPIs

Main Responsibilities:

• Monitoring incident response channels
• Executing the Information Security Incident Management Process and escalating high-priority issues
• Tracking and escalating open incidents
• Producing weekly and quarterly reports for the CISO on incident status and trends

Security Systems Configuration and Management:

• Daily monitoring of security systems to ensure proper functioning
• Configuration and management of security tools such as vulnerability, privileged access, and log management systems
• Reconciliation of assets to ensure coverage of security systems
• Reporting and issue resolution support for operational teams

Patch Management Monitoring:

• Monitoring patch management performance and identifying risks
• Addressing challenges to compliance

Threat and Event Monitoring:

• Detecting and escalating security threats and events

Vulnerability Management:

• Monitoring vulnerabilities daily
• Monthly asset reconciliation
• Managing vulnerability remediation with owners
• Supporting penetration testing activities

Supporting NITSO projects and other initiatives as required.

ROLE DESCRIPTION: Information security specialists focus on keeping an organisation’s data and IT infrastructure secure, which requires a diverse set of skills and responsibilities.

TASK AND RESPONSIBILITIES:

1. Conduct threat and risk analysis and analyse the business impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues. Implement vulnerability assessments and configure audits of operating systems, web servers, databases, and detect patterns, insecure features, and malicious activities in the infrastructure.
2. Perform research, testing, evaluating, and deployment of security technology and procedures.
3. Run diagnostics on any changes to data to verify any undetected breaches.
4. Develop custom systems for specialized security features and procedures for software systems, networks, data centres, and hardware.
5. Develop and implement information security standards, guidelines, and procedures.
6. Keep current with new intrusion methods and develop protection plans. Have an in-depth understanding of vulnerabilities, management systems, and common security applications.
7. Conduct counteractive protocols and report incidents. Offer customized risk ratings for vulnerabilities based on company policies and maintain IT security controls documentation.
8. Provide customized security assessments, implement security policies, design security training materials, organize training sessions, provide technical support, and communicate security policies and procedures.

FUNCTIONAL KNOWLEDGE:

Contribute to strategy formulation & execution; business requirement analysis; Incident Management and Response; Business Threat Identification and Communication; Information Risk Assessment and Management; Regulatory and Legal Frameworks; Change Management and Change Risk; GRC and Security Standards, Policies and Practices; Information Risks within Systems and IT Architecture; Information Risks within people and processes; Infrastructure Risks to business delivery; Enterprise and Security Architecture; Operational Security Practices and Management; Information Security Awareness.

• NQF 7 Bachelor's degree in Cybersecurity or a related area, such as computer science or related fields.

• 5 - 6 years or more practical experience in IT and Information Security Governance, of which must include at least 3 years in an active Information Risk management role.