Enable job alerts via email!
Information Security Manager
Kontak Recruitment
Johannesburg
On-site
ZAR 850 000 - 1 000 000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading financial services organization in Johannesburg is seeking an experienced Information Security Manager to lead its cybersecurity strategy and governance. The ideal candidate will have 8+ years of experience in IT security, including 5 years in a leadership role. Responsibilities include overseeing security architecture, SOC operations, and ensuring compliance with regulatory standards. This role is hands-on, balancing strategic and operational duties within a complex and stable environment. Competitive salary and growth opportunities are available.
Qualifications
- 8+ years of IT Security experience, with at least 5 years in a leadership role.
- Strong experience in hybrid cloud security environments.
- Deep knowledge of Microsoft 365 E3/E5 security stack.
Responsibilities
- Define and maintain enterprise-wide cybersecurity strategy.
- Oversee day-to-day security monitoring and incident response.
- Conduct risk assessments and ensure compliance with standards.
Skills
Education
Tools
An experienced Information Security Manager is required to lead cybersecurity strategy, governance, and operations across a hybrid on-prem and cloud environment.
The role has full accountability for security architecture, SOC oversight, Microsoft security platforms, regulatory compliance, and risk management, while working closely with IT leadership and executive stakeholders.
This is a hands-on leadership role, balancing strategy, governance, and operational execution in a complex enterprise environment.
Our client is an established, South Africa–based financial services organisation operating within a regulated, enterprise-scale environment. The business offers investment, insurance, and wealth-related services, supporting a large national client base through secure, high-availability digital platforms.
Technology is central to the organisation’s operations, with IT teams responsible for maintaining and enhancing business-critical systems, data integrity, and information security. The environment is stable, professionally managed, and suited to experienced IT professionals who value structure, accountability, and working on systems with long-term operational impact rather than short-term or experimental projects.
Location: Midrand, Johannesburg, Gauteng.
Salary: R1 000 000 per annum.
- Bachelor’s degree in IT, Computer Science, or related field (or equivalent experience)
- 8+ years’ IT Security experience, with at least 5 years in a leadership role
- Strong experience in hybrid cloud security environments
- Deep knowledge of Microsoft 365 E3/E5 security stack
- Proven experience managing SOC operations, SIEM, SOAR, and threat intelligence
- Experience with BYOD security and distributed branch environments
- Strong stakeholder engagement and leadership capability
- Certifications (highly advantageous):
- CISSP or CISM
- Microsoft Certified: Cybersecurity Architect Expert
- GIAC Security Operations or similar
- Enterprise-focused, structured, and compliance-driven
- Comfortable operating at both strategic and operational levels
- Strong decision-making and problem-solving ability
- Clear communicator with executive presence
- Resilient, deadline-driven, and detail-oriented
- Security Strategy & Governance
- Define and maintain enterprise-wide cybersecurity strategy aligned with business and regulatory requirements.
- Establish and enforce security policies, standards, and governance frameworks.
- Ensure alignment with NIST Cybersecurity Framework and Joint Security Standards.
- Monitor emerging threats, regulatory changes, and industry best practice.
- Architecture & Identity Security
- Design secure solutions across hybrid infrastructure, including Azure and on-prem environments.
- Integrate security into infrastructure and application initiatives.
- Manage identity and access controls, including Azure AD, MFA, and privileged access.
- Security Operations & SOC Oversight
- Oversee day-to-day security monitoring, incident response, and threat intelligence.
- Manage Microsoft security platforms, including Defender, Sentinel, Purview, and Conditional Access.
- Oversee 24/7 SOC operations, including incident playbooks, escalation, and KPIs (MTTD, MTTR).
- Risk, Compliance & Audit
- Conduct risk assessments, vulnerability management, and penetration testing.
- Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and related standards.
- Maintain risk registers and manage audit remediation activities.
- BYOD & Network Security
- Define and enforce BYOD security controls, including MDM and DLP.
- Secure branch and remote networks using firewalls, VPNs, and segmentation.
- Financial & Vendor Management
- Manage the cybersecurity budget, licensing, tools, and vendors.
- Track ROI and risk mitigation outcomes.
- Leadership & Awareness
- Lead and develop a cybersecurity team across operations, engineering, and compliance.
- Drive organisation-wide security awareness and training initiatives.
- Provide executive-level reporting on security posture and risk exposure.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
