Information Security Lead

Harris ComputerJohannesburg, Gauteng, South Africa

24 days ago

Job description

Join Interfile—South Africa’s leading Electronic Bill Presentment & Payment (EBPP) fintech—where we design, build, and run large-scale digital services used by millions, partnering with top banks, major corporates, and government. You’ll work on modern architectures across both new builds and enhancements in a culture that prizes innovation, seamless integration, and exceptional delivery. We’re customer-obsessed and known for helping organizations modernise. Our Fourways office—right across from Montecasino—offers a modern workspace with a Vitality-certified gym, canteen, and great chill areas.

Purpose of the role :

Lead and continuously improve our information security posture across on-prem and cloud—covering platforms, hardware, networks, and data centres. You’ll drive vulnerability remediation through both automation and hands-on work, ensure compliance with POPIA, and design, implement, and uplift security standards and frameworks (e.g., ISO 27001 / 27002, NIST CSF 2.0). You’ll also own risk management and incident response while championing a security-first culture across the business.

Responsibilities :

Security Assessment & Management

Conduct regular security assessments across infrastructure, applications, and data environments.

Implement and manage SAST and DAST tools and processes.

Track, report, and drive remediation of vulnerabilities and security issues.

Security Posture & Reporting

Develop and maintain dashboards and reports that clearly communicate the organization’s security posture.

Define and track KPIs for security posture, remediation velocity, and compliance.

Collaborate with internal teams to ensure visibility and accountability for remediation efforts.

Automation & Remediation

Design and implement automated security controls and remediation workflows.

Work with DevOps and IT teams to integrate security into CI / CD pipelines.

Compliance & Regulatory Alignment

Ensure alignment with POPIA and other applicable data protection regulations.

Support audits and compliance reporting requirements.

Work with legal and compliance teams to ensure data handling aligns with privacy laws.

Standards & Frameworks

Contribute to the design and rollout of security standards such as ISO 20027.

Align security practices with NIST CSF 2.0 and other relevant frameworks.

Risk Management

Conduct risk assessments and maintain a security risk register.

Collaborate with business units to understand and mitigate security risks tied to operations and products.

Incident Response & Forensics

Develop and maintain incident response plans.

Lead investigations into security breaches and coordinate post-incident reviews.

Security Awareness & Training

Design and deliver security awareness programs for staff.

Promote a security-first culture across technical and non-technical teams.

Third-Party & Vendor Security

Assess and manage security risks related to vendors, partners, and third-party services.

Ensure contracts and SLAs include appropriate security clauses.

Secure Architecture & Design

Participate in solution architecture reviews to ensure security is embedded from the start.

Advise on secure design patterns and threat modeling.

Requirements (Essential) :

Bachelor’s degree in Information Security, Computer Science, or related field.

At least one security certification : CISSP, CISM, CEH, CompTIA Security+, ISO 27001 Lead Implementer (or similar).

5+ years in an information security role (or similar).

Proven security experience across infrastructure, applications, and data environments.

Hands-on with SAST / DAST tools (e.g., SonarQube, OWASP ZAP, Burp Suite).

Strong vulnerability management and remediation workflow expertise.

Familiarity with automation / scripting (e.g., Python, PowerShell) and CI / CD tooling.

Working knowledge of POPIA and other data-protection regulations.

Experience with security frameworks (e.g., NIST CSF, ISO 27001 / 27002).

Ability to communicate technical risks and remediation plans to non-technical stakeholders.

Nice to Have (Desirable)

Proactive, detail-oriented, strong sense of ownership.

Comfortable collaborating across multiple teams and disciplines.

Passion for security, compliance, and continuous improvement.

Multiple or advanced security certifications.

#J-18808-Ljbffr

Create a job alert for this search

Information Security • Johannesburg, Gauteng, South Africa

Related jobs

Promoted

Information Security and Governance Senior Manager

People SourceJohannesburg, South Africa

The Senior Manager Information Security and Governance is responsible for the development of Information Security risk and governance management strategy and frameworks, including developing and im...Show moreLast updated: 30+ days ago

Promoted

Chief Information Security Officer

OutsidecapitalJohannesburg, Gauteng, South Africa

We are representing a cornerstone of the South African financial services landscape with a legacy spanning over a century. As a mission-driven trusted service provider our client is dedicated to del...Show moreLast updated: 30+ days ago

Promoted

Information Security Officer

Boardroom AppointmentsSandton, South Africa

Maintain Operational Systems, Networks and Security.Facilitate annual PCI audits and ensure ongoing compliance.Ensure Linux systems are patched promptly and securely, coordinating through the corre...Show moreLast updated: 30+ days ago

Promoted

AI Information Security Manager

TelebestJohannesburg, South Africa

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensi...Show moreLast updated: 30+ days ago

Promoted

Information Security Architect

InfyStratJohannesburg, Gauteng, South Africa

Job title : Information Security Architect.Contract duration : Start with 6 months.First preference : EEE candidates.The Head of Security Architecture for the organization is responsible for designing...Show moreLast updated: 30+ days ago

Promoted

Director : Information Security (P5) (Information & Communication Systems : Management Informatio[...]

University of JohannesburgJohannesburg, Gauteng, South Africa

Director : Information Security (P5) (Information & Communication Systems : Management Information Systems).The University of Johannesburg (UJ) is a vibrant and cosmopolitan university, anchored in A...Show moreLast updated: 30+ days ago

Promoted

Information Security Specialist

KalagadiJohannesburg, Gauteng, South Africa

Information security specialists focus on keeping an organisation’s data and IT infrastructure secure, which requires a diverse set of skills and responsibilities. Conduct threat and risk analysis a...Show moreLast updated: 30+ days ago

Promoted

Information Security Administrator I

Nedbank Private WealthJohannesburg, Gauteng, South Africa

To support our Email and Web Security Team and alleviate current workload pressures we are seeking an individual with : Proven expertise in ServiceNow including a strong track record of successful ...Show moreLast updated: 2 days ago

Promoted

Cyber Security Architecture and Engineering Manager

Control RisksJohannesburg, Gauteng, South Africa

We are seeking a hands on, skilled and detail-oriented Security Leader to spear head our Architect and Engineering department with expertise in Microsoft technologies to join a rapidly expanding gl...Show moreLast updated: 24 days ago

Promoted

Information Security Management System (ISMS) Specialist

Vector Logistics LimitedMidrand, Gauteng, South Africa

Information Security Management System (ISMS) Specialist.We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature-controlled net...Show moreLast updated: 30+ days ago

Promoted

Ai Information Security Manager

TelebestJohannesburg, Gauteng, South Africa

Promoted
New!

Information Security Management System (ISMS) Specialist

Edge ExecutivesJohannesburg, South Africa

Information Security Management System (ISMS) Specialist | Westville, KZN | Permanent.Help a national operation achieve and sustain ISO / IEC 27001 excellence. If you thrive on building robust securit...Show moreLast updated: 16 hours ago

Promoted

Team Lead Security Engineer

Hire ResolveRandburg, Gauteng, South Africa

A leading provider in vehicle tracking telematics and security technology is seeking a highly skilled Team Lead Security Engineer to head up a dedicated security engineering team.The position calls...Show moreLast updated: 30+ days ago

Promoted

Manager, Information Cyber Security

Standard Bank of South Africa LimitedJohannesburg, Gauteng, South Africa

Location : ZA, GP, Johannesburg, Baker Street 30.To provide expert professional knowledge and technical skills within a specialist area. To support the bank's Information Security initiatives, the as...Show moreLast updated: 30+ days ago

Promoted

Information Security Management System (ISMS) Specialist

Vector LogisticsMidrand, Gauteng, South Africa

Information Security Management System (ISMS) Specialist.We are a Supply Chain and Sales & Merchandising partner adding value to your business through a fully integrated, temperature‑controlled net...Show moreLast updated: 30+ days ago

Promoted

Lead Specialist : IT Security

ATNS SOC LimitedGauteng, South Africa

Others : IT and Telecommunication.PurposeTo identify and mitigate cyber security risks through the deployment of technologies, processes and ensuring employee awareness. To report security breaches a...Show moreLast updated: 30+ days ago

Promoted

Information Security And Governance Senior Manager

People SourceJohannesburg, Gauteng, South Africa

Promoted

Chief Information Security Officer

AvbobGauteng, South Africa

Chief Information Security Officer in Centurion.Location : Centurion, Gauteng, ZA.Job Posting End Date : 21 Oct 2025.The Road Accident Fund\'s mission is to provide appropriate cover to all road user...Show moreLast updated: 30+ days ago