Cyber Risk & Assurance Advisor (Cape Town or Johannesburg)

Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs) - including locations in Dublin, Sofia, Stockholm, Madrid, Rome, and Cape Town - we support more than 2,500 clients across a wide range of industries.

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we'd love to hear from you.

We are currently seeking an energetic individual who wishes to further their career in the IT Risk, Compliance, and Security Consultancy space. Integrity360's Cyber Risk and Assurance team is working in a rapidly growing, fast paced environment with significant opportunities for development. The successful candidate will provide deep, pragmatic and relevant advice to our clients, specifically surrounding Governance, Risk and Compliance elements of their business.

We cherish our talent, we nurture their skills, and we ensure they gain exposure to many sectors. We ensure that they enjoy many positive and productive challenges and plan a path that helps them achieve their career goals.

• Act as a Virtual Information Security Officer (vISO), providing strategic guidance and oversight to clients on managing information security risks.
• Work closely with senior stakeholders to embed security expertise across various organisational functions.
• Assist clients in developing, implementing, and maintaining compliance and security policies, standards, frameworks, procedures, and guidelines, ensuring alignment with organisational strategy and regulatory requirements.
• Conduct privacy and security audits in line with recognised frameworks and standards (e.g., ISO 27001, CIS18, NIST, etc.).
• Perform Privacy Impact Assessments (PIAs) and advise clients on adopting effective data privacy practices.
• Collaborate with clients to define clear governance structures for information security and privacy management.
• Evaluate the design and effectiveness of clients' existing privacy and security controls from a risk, compliance, and assurance perspective.
• Identify opportunities for improvement and support client relationship growth by collaborating with Sales and technical teams.
• Support the Sales team by assisting in proposal development and responding to tenders and RFPs.
• Occasional travel (nationally and internationally) may be required, thus a valid driver's licence and access to a reliable vehicle are essential.

• A good level of senior leadership experience in risk, compliance and security management.
• 5+ years of experience in Cyber Risk, Compliance, and Security Management and Data Privacy.
• Excellent written, spoken, and interpersonal communication skills, with the ability to translate complex security concepts for both executive and technical audiences.
• Excellent listening skills are essential so that you can communicate with the client, empathise with their situation and be able to demonstrate your understanding of their issues.
• Flexibility in working methods and times (role may require you to work extra hours should the client call for it)
• Ability to understand the business context and technology challenges and handle uncertainty and apply appropriate security solutions in response to multiple risks and needs.
• Strong ability to understand PII and data flows from a technical perspective.
• An ability to work with limited guidance but also as part of a mixed skilled team
• Ability to understand technical requirements and functionality.
• Ability to see the big picture and have a keen eye for detail in different situations while making sure the message is clear and understood by all levels within a business.
• Strong understanding of industry standards (e.g. GDPR, ISO 27001, ISO 27701, ISO 27018, SOC2, Cloud Security Alliance (CSA), NIST, COBIT, PCI-DSS, GDPR, DPA, ISO31000).
• Relevant certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, CRISC, or similar are advantageous.