Security Testing & GRC Specialist (Pen Tester + Governance, Risk & Compliance)

IOCO

Johannesburg

Hybrid

ZAR 600,000 - 800,000

Full time

Today

Job summary

A leading technology consultancy in Johannesburg is looking for a versatile Security Specialist. You will conduct penetration testing and ensure compliance with regulatory standards. The ideal candidate has experience in ethical hacking and strong communication skills. This initial contract position offers a hybrid work model, allowing for a balance between remote and on-site work.

Qualifications

  • Proven experience as a penetration tester or security engineer.
  • Familiarity with GRC frameworks and compliance processes.
  • Strong knowledge of application, cloud, and infrastructure security.

Responsibilities

  • Conduct penetration testing and vulnerability assessments.
  • Identify and report security vulnerabilities.
  • Develop and maintain GRC frameworks and procedures.

Skills

Ethical hacking
Security testing
GRC frameworks
Client communication

Education

Relevant certifications (e.g., CEH, CISSP)

Tools

BurpSuite
OWASP ZAP
Metasploit

Job description

Overview

We are seeking a versatile Security Specialist who can combine deep hands-on expertise in ethical hacking and security testing with a strong understanding of governance, risk, and compliance (GRC). This person will ensure our systems are continuously tested for vulnerabilities while also aligning our practices with regulatory and organizational security requirements.

Responsibilities
  • Conduct penetration testing, ethical hacking, and vulnerability assessments using industry-standard tools (e.g., BurpSuite, OWASP ZAP, Metasploit).
  • Identify, document, and report security vulnerabilities, providing remediation guidance to development and operations teams.
  • Develop and maintain GRC frameworks, policies, and procedures in line with industry standards (ISO 27001, NIST, GDPR, POPIA, etc.).
  • Support risk assessments, audits, and compliance initiatives.
  • Act as a bridge between technical security testing and compliance-driven governance activities.
  • Provide security awareness and compliance training as needed.
Your Expertise
  • Proven experience as a penetration tester, ethical hacker, or security engineer.
  • Familiarity with GRC frameworks, regulatory compliance, and audit processes.
  • Strong knowledge of application, cloud, and infrastructure security.
  • Excellent communication and reporting skills to both technical and non-technical stakeholders.
Behavioural competencies
  • Client-Centric Mindset
  • Collaborative Leadership
  • Adaptability & Growth Orientation
  • Integrity & Accountability
  • Innovation & Problem Solving
  • Communication & Influence
  • Alignment with Company Values
Other information applicable to the job
  • Initial contract position
  • Location: Johannesburg – hybrid way of work
  • Level: Senior
Why work for us?

Want to work for an organization that solves complex real-world problems with innovative software solutions? At iOCO, we believe anything is possible with modern technology, software, and development expertise. We are continuously pushing the boundaries of innovative solutions across multiple industries using an array of technologies.

You will be part of a consultancy, working with some of the most knowledgeable minds in the industry on interesting solutions across different business domains.

Our culture of continuous learning will ensure that you will have all the opportunities, tools, and support to hone and grow your craft.

By joining iOCO, you will have an open invitation to developer-inspiring forums: a place where you can connect with and learn from your peers by sharing ideas, experiences, practices, and solutions.

iOCO is an equal opportunity employer with an obligation to achieve its own unique EE objectives in the context of Employment Equity targets. Therefore, our employment strategy gives primary preference to previously disadvantaged individuals or groups.