65 Threat Intelligence jobs in South Africa

Overview

• Who we’re looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.

• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.

• Where you’ll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We are in the business of rewards and incentives, so we know the importance of giving back. We are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn — only by working as a team will we reach our goals.

We’re the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

• ISMS Ownership & Audit Readiness

  • Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

  • Coordinate and lead internal audits (quarterly for TZ) and external certification audits.

  • Write up audit findings and risk reports for SLT and the Board.

  • Monitor ISMS KPIs and compliance metrics.

• Risk Management

  • Own the company-wide risk register and associated documentation (excluding the risk framework itself).

  • Support teams in identifying, assessing, and documenting risks.

  • Track and ensure timely implementation of Risk Treatment Plans.

  • Monitor and report on key risk metrics.

• Incident & Corrective Action Management

  • Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

  • Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

  • Maintain and develop ISO 27001-compliant security policies (non-Engineering).

  • Coordinate business-wide security awareness training (e.g., KnowBe4).

  • Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

  • Complete InfoSec and risk sections of client due diligence questionnaires.

  • Support the development of a Trust Centre to streamline security responses.

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.

• A strong understanding of risk frameworks, internal controls, and compliance management.

• Experience with audit coordination and ISMS documentation.

• The ability to translate technical and regulatory language into business-friendly advice.

• Working knowledge of privacy, AML, and business continuity requirements.

• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).

• Exceptional communication, reporting and organisational skills.

We offer all our employees trust and empower our team to work with flexibility and autonomy. We’re a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum

• Retirement Fund (5%)

• Health insurance contribution

• Employee Incentive Scheme

• Hybrid Working

• Top spec equipment including laptop, mouse, keyboard, monitor

• Anniversary gifts

• Monthly breakfasts, drinks, snacks and events

• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world’s leading businesses. Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation. If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.

Overview

We re seeking an Information Security Officer to lead and mature Precium s security posture as we scale across markets and deepen our enterprise and global footprint. You ll be responsible for building fit-for-purpose security practices that enable innovation safeguard customer trust and meet compliance obligations in regulated and enterprise-driven environments.

Reporting into the VP of Engineering this role will sit at the intersection of engineering operations compliance and leadership helping us embed security into the DNA of how we build and deliver payment infrastructure. If you re a proactive problem-solver with a strong technical foundation and a pragmatic approach to risk we d love to meet you.

Why this role matters :

Precium operates in one of the most sensitive and scrutinised spaces : financial services and payments. Our ability to protect customer data uphold regulatory expectations and earn trust is core to our business success. With a growing portfolio of enterprise and global clients our security capabilities must scale ahead of risk not behind it.

This role is critical in helping us achieve our mission to build world-class payment infrastructure that makes doing business in Africa effortless.

• Develop own and maintain Precium s information security roadmap and risk register in alignment with business and compliance needs.
• Implement and enforce best practice security policies across infrastructure applications endpoints and data management.
• Support product engineering and compliance teams in embedding security-by-design into the SDLC and platform operations.
• Lead internal risk assessments and external security audits (e.g. PCIDSS ISO 27001 SOC 2) with relevant stakeholders.
• Conduct regular vulnerability assessments penetration tests and risk modelling in collaboration with external providers.
• Establish incident response procedures and act as a point of contact in the event of a breach or suspected threat.
• Champion security education and awareness across the company fostering a culture of accountability and care.
• Work with clients and partners to complete security reviews and questionnaires as part of enterprise procurement processes.
• Stay up to date with emerging threats regulatory updates and security technologies relevant to fintech and payments.
• Responsible for Internal IT security requirements that include amongst others cloud security mobile device management management of Google Workspace Password changes etc.

• Scaling security in a high-growth startup environment without slowing down delivery.
• Navigating a complex stakeholder landscape where security intersects with engineering velocity client trust and compliance.
• Building clarity and confidence in security practices while working with legacy and new systems.
• Meeting (and staying ahead of) regulatory and enterprise requirements across multiple jurisdictions.

Who you are :

We are looking for someone who thrives in complexity takes ownership and is motivated by impact over title.

The ideal candidate will bring :

• 4 years of experience in information security in a Fintech.
• Solid understanding implementation and day to day running of Information Security with a major emphasis on maintaining PCI-DSS compliance.
• Strong knowledge of security governance risk management and compliance (GRC).
• Additional experience in cloud infrastructure (preferably AWS) secure coding practices and data protection frameworks.
• Relevant supplier and partner management experience.
• Experience leading and implementing certifications like ISO 27001 SOC 2.
• Excellent communication skills and the ability to engage both technical and non-technical stakeholders.
• A hands-on pragmatic approach with the ability to design scalable solutions.
• Passion for continuous learning and an interest in shaping systems from the ground up.

What it takes to succeed : Experience in B2B selling of a tech service or SaaS product into the large business market. A prospective solid network of potential clients as well as reselling partners Experience in rapidly structuring and scaling a sales organisation in multiple locations, scale-up / start-up experience, would be advantageous Demonstrated Sales management experience, including hiring, developing and driving accountability. Proven ability to manage sales teams from different cultures in diverse countries. Experience with fast-paced scale-up environments thrives on the challenge of getting things done quickly and delivering results. Experience in an international and diverse team environment So, if you're up for a thrilling adventure, working with a diverse and dynamic team, and pushing the boundaries of innovation, join our client on this extraordinary journey! Your talents and passion are exactly what they need to take their company to the next level!

Key Skills

International Development,Information Systems,Community,Information Technology Sales,Corporate Recruitment

Employment Type : Full Time

Experience : years

Vacancy : 1

Our client, a leading financial services firm, is seeking an Information Security Consultant to join their team on a permanent basis.

• Security Auditing
• Responsible for Security tools monitoring
• Network experience (TCP/IP, Firewalls, IPS, NAC)
• Operating System management and Hardening
• Anti-Virus System management and Configuration
• Logical Access Management
• Vulnerability Management

• Matric and an Information Technology diploma or degree qualification
• 4+ years experience in the field

Salary: Market Related

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level - thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS
• Evaluates and selects security technologies, tools, and frameworks to support the organization's security
• Define portfolio vision and reusable security patterns aligned with the EA strategy
• Lead architecture reviews for high-risk projects, driving recommendations to resolution
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS
• Manage security architects and mentor engineers, developers, and vendors

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture
• Teamwork and Energy - work across different functional and business teams with effective collaboration
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF)

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business
• Good experience in security architecture design in Cloud and on-prem
• Design and implementation of IOT, endpoint protection, and secure IAM
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling

• Mid-Senior level

• Contract

• Information Technology

• IT Services and IT Consulting

Job title: Information Security Architect

Contract duration: Start with 6 months

First preference: EEE candidates

Location: JHB

The Head of Security Architecture for the organization is responsible for designing, implementing, and maintaining robust security architectures that protect sensitive data in compliance with regulations such as POPIA, GDPR. This role is critical in safeguarding the confidentiality, integrity, and availability of electronic health records (EHR), patient and employee information, medical devices, and cloud-based healthcare services. The role will focus on designing and developing security architecture that aligns business and corporate security strategy. The role will collaboratively direct Security Architects, IT, and Engineers to design and build security controls and solutions compliant with approved enterprise architecture frameworks and standards across business and digital.

Key Responsibilities:

• Design and develop complex and comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs.
• Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle.
• Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains.
• Model threats and risks, designing the controls necessary to mitigate them, on both an organizational and technical level – thinking like an attacker, understanding and anticipating the moves and tactics that a hacker might use to attack systems.
• Follow the architecture analysis process, which consists of research, validation, and evaluation of all new initiatives, with phase gate reviews presented to all stakeholders during key forums, including current trends such as AI and LLMS.
• Evaluates and selects security technologies, tools, and frameworks to support the organization’s security.
• Define portfolio vision and reusable security patterns aligned with the EA strategy.
• Lead architecture reviews for high-risk projects, driving recommendations to resolution.
• Advise on security controls for hybrid and cloud platforms, balancing usability, cost, and compliance.
• Defines and applies security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
• Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team.
• Experience with Cloud Security platform vendors and technologies such as Azure and AWS.
• Manage security architects and mentor engineers, developers, and vendors.

What will you bring?

• Risk-based decision-making - expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost-effective controls.
• Pen-testing & threat-modelling - scoping, overseeing, and translating results into enforceable patterns and backlog items.
• Influential communication - proven ability to engage C-suite and delivery stakeholders alike, adapting style to gain agreement and drive secure-by-design culture.
• Teamwork and Energy – work across different functional and business teams with effective collaboration.
• Technical depth - hands-on knowledge of cloud security, IAM, container & API security, network segmentation, encryption, and DevSecOps toolchains; capable of explaining the exploitability of complex vulnerabilities. Zero trust design thinking.
• Mentoring & governance - experience in line-managing or coaching security architects/engineers and running architecture assurance or design-review boards.
• Secure-system design leadership - demonstrable track record creating or validating architectures for large-scale, high-risk services using recognised frameworks (SABSA, TOGAF).

Requirements / Skills and Competence

• Tertiary qualification in Computer Science, Engineering, or related field (preferred)
• Minimum of 5-10 years of experience in Security Architecture.
• CISSP, CISA, CISM, or other relevant security-related designation(s) preferred.
• Certifications in CISSP-ISSAP, TOGAF, or SABSA, cloud architecture (Microsoft, AWS, GCP)
• Experience in identifying gaps in existing architectures.
• Understanding of security infrastructure in Public and Private Cloud, e.g., virtual network infrastructure, hybrid IaaS/PaaS/SaaS solutions.
• Experience in designing security architectures to mitigate threats and sound knowledge of security strategies and technologies.
• Direct the Project and Security teams with the guidance to build policies, standards, risks, and controls frameworks supporting operational requirements for the business.
• Good experience in security architecture design in Cloud and on-prem.
• Design and implementation of IOT, endpoint protection, and secure IAM.
• Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.) and other IAM technologies
• Understanding of the implementation, operation, and maintenance of SIEM, boundary protection technologies (firewalls, mail gateways), Antivirus, and AD security products
• Knowledge of web application architectures and threat modelling.

Job Description

We are representing a cornerstone of the South African financial services landscape with a legacy spanning over a century. As a mission-driven trusted service provider our client is dedicated to delivering value and security to its members. This is an opportunity to join an organisation that prides itself on strong values employee development and rewarding excellent performance while leading a critical function in a stable and respected institution.

As the new Chief Information Security Officer you will inherit the critical mission of evolving and leading the enterprise-wide cybersecurity strategy for the entire Group. This is not a maintenance role. You will be the central figure in protecting the organizations digital assets systems and data against an ever-evolving threat landscape. Your success will be measured by your ability to balance robust security with business innovation ensuring the company can confidently adopt new technologies while strengthening its reputation as a secure and trustworthy partner for its clients.

Performance Objectives for Year One

Success in this role will be defined by achieving the following key outcomes within the first 12 months :

• Develop and Launch the Next-Generation Security Strategy : Within the first nine months conduct a comprehensive review of the current security posture and develop gain executive approval for and begin executing a future-focused information security strategy. This strategy must align with the Groups business goals and securely enable key digital innovation initiatives including the adoption of cloud AI and advanced data analytics.
• Lead a Comprehensive Compliance & Governance Overhaul : Drive a thorough assessment of all information security policies and controls to ensure robust compliance with key regulations and standards including POPIA GDPR and ISO 27001. You will lead all related initiatives to mitigate gaps and successfully guide the organization through all security and compliance audits within the first year.
• Strengthen Cyber Resilience and Incident Response : Within the first six months lead the project to re-engineer test and enforce a modernized Cyber Incident Response Plan (CIRP) and disaster recovery framework. The goal is to create a highly responsive capability that demonstrably minimizes legal reputational and financial risk from potential cyber threats like ransomware and data breaches.
• Build a Company-Wide Culture of Security Awareness : Design and implement a new engaging cybersecurity awareness and training program that extends to all departments. Success will be measured by a significant verifiable increase in employee vigilance and a corresponding reduction in user-related security incidents.
• Architect Security for Key Technology Transformation : Serve as the primary security advisor and architect for the enterprise. You will collaborate with ICT and business leaders to embed security-by-design principles into the adoption of new technologies ensuring the secure deployment of new cloud services IAM solutions and data platforms.

Profile for Success

To accomplish these objectives you will need a track record of past performance including :

Required Experience :

Chief

Key Skills

International Development,Information Systems,Community,Information Technology Sales,Corporate Recruitment

Employment Type : Full-Time

Experience : years

Vacancy : 1

Information Security Officer (CISO) to lead enterprise-wide cyber security efforts. In this strategic leadership role, you will be responsible for driving the Group’s information security strategy, ensuring the protection of AVBOB’s digital assets, systems, and data. You will play a critical part in upholding regulatory compliance, managing cyber risk, and strengthening our reputation as a trusted service provider.

You will be working for a company that is over 100 years old with strong values. In return for your services, you will be paid a competitive remuneration package. You will be working for an organisation that values employee development and rewards excellent performance.

Responsibilities include :

Develop and execute AVBOB’s information security strategy aligned with business goals and digital innovation.

Serve as a trusted advisor to executives, balancing innovation and cyber risk.

Drive secure adoption of technologies including cloud, AI, and data analytics.

Identify and mitigate cybersecurity threats (e.g., ransomware, data breaches, insider threats).

Lead security assessments, technology deployments, and compliance audits.

Collaborate with ICT, PMO, and Group Risk to manage enterprise-wide security initiatives.

Ensure compliance with POPIA, GDPR, ISO 27001, and industry standards (NIST, PCI-DSS, CIS).

Minimise legal, reputational, and financial risk through proactive governance.

Develop and enforce AVBOB’s Cyber Incident Response Plan (CIRP).

Oversee disaster recovery and continuity planning.

Lead security audits, assessments, and real-time threat investigations.

Implement training programs to build cybersecurity awareness across all departments.

Foster a culture of shared responsibility and high performance within the security function.

Information Security Officer • Centurion, ZA