Security jobs in South Africa

Valterra Platinum, formerly Anglo American Platinum, is a leading primary producer of platinum group metals (PGMs), with integrated mining, smelting, and refining operations in South Africa and Zimbabwe, marketing the metal we produce globally. Following our demerger from Anglo American plc, Valterra Platinum is now an independent, publicly listed company with a primary and secondary listing on the Johannesburg and London stock exchanges respectively.

As we embark on this exciting new chapter, Valterra Platinum is positioned to define and pursue its own strategy, anchored in operational excellence, sustainability, and value creation for the long-term. With full accountability for our performance and growth, we are focused on strengthening our capabilities across the entire PGM value chain, from mine to market.

Our independence empowers us to deepen our commitment to stakeholders and lead with purpose – to Unearth Value to Better Our World. We remain steadfast in our ambition to be the world’s foremost producer of platinum group metals, while embedding safety and sustainability in everything we do.

If you're driven by purpose and the opportunity to make a lasting impact, we invite you to join us. Apply today and be part of something bigger.

Number of positions: 01

Location: Corporate Office, Rosebank

This role is responsible for leading the establishing, maturing, and execution of the organisation’s application security capability and data security capability. The application security capability is focused on securing the software development lifecycle (SDLC), platform-as-a-services (PaaS) security lifecycle, and software-as-a-service (SaaS) security lifecycle for all existing and new applications and systems. The data security capability is focused on protecting the confidentiality and integrity of the organisation’s data assets. This includes integrating driving data classification standards across cloud platforms, on-premise systems, and databases containing critical operational and business data.

Job responsibilities include (but are not limited to):

• Establish and take ownership of the cybersecurity capability for securing all business and enterprise applications and for protecting sensitive data across all business operations of the organisation.
• Design and establish a secure software development lifecycle (SSDLC) that integrates security testing tools and processes into the existing development (DevOps/DevSecOps) workflows.
• Perform security architecture and design reviews for new and existing applications, focusing on threat modelling, data flows, and secure component design.
• Ensure application development and deployment practices adhere to relevant regulatory and internal compliance requirements.
• Develop and deliver engaging security training and guidance to developers, engineers, and QA teams to foster a security-first culture.
• Coordinate and manage external and internal application penetration tests, tracking and validating the remediation of all identified findings.
• Design, establish and enforce a company-wide data classification framework and integrate it with security tools and business processes.
• Lead the deployment, configuration, and continuous tuning of data loss prevention (DLP) systems and other data protection tools.
• Lead the monitoring of DLP and data security alerts, investigate potential data leakage incidents, and coordinate with incident response teams for effective containment and resolution.
• Conduct regular data flow analysis to identify unauthorised storage, processing, or transmission of sensitive data.
• Work closely with Legal, Compliance, Procurement, and IM teams to ensure data handling and protection practices comply with relevant regulations (e.g., POPIA, GDPR, local privacy laws) and contractual obligations.
• Create and maintain security policies, standards, baselines, and procedures related to application security and data security, ensuring compliance with relevant regulations (e.g. POPIA, GDPR), zero-trust principles, best practices and internal governance frameworks.
• Act as the primary point of contact for internal and external audits concerning controls for application security and data security.
• Provide training and guidance to IM teams and business stakeholders on best practices for application security and data security.
• Prepare and present regular metrics and key risk indicators (KRIs) on the overall health and security posture of the organisation’s applications & data landscape to IM management and business stakeholders.
• Research, evaluate, and recommend new security technologies and approaches to stay ahead of evolving threats targeting applications and data.
• Establish and maintain strong working relationships with application & data security vendors, service providers, and consultants.

• Grade 12
• An undergraduate qualification (Bachelors degree/Diploma or equivalent) in Computer Science, Information Technology/Systems, Cybersecurity, Artificial Intelligence, Cloud Computing or related field.
• It would be advantageous to have a postgraduate qualification in IT, cybersecurity, or a related field OR a proven track record of extensive practical experience in a role and context of similar complexity.
• Valid EB/Code 08 driver’s license
• Industry Certificates:
• Security certification (e.g. CISSP, CISM, CISA, CCSK, OSCP, CEH, OSCE, GIAC); and/or
• Cloud security certifications (e.g. Microsoft Security, Azure Security, CCSK, CCZK); and/or
• Relevant vendor certifications (any application security solutions, and any data security solutions).

Experience

• 5 – 7 years working experience in a similar role

Technical knowledge(experience) required for role:

• Experience in cybersecurity, with a focus on leading application security and data security capability.
• Strong knowledge of security assessment tools and methodologies.
• Strong knowledge of data protection technology and concepts.
• Excellent problem-solving, communication, and technical skills.

You will also need to have:

• No criminal record
• Good command of English language both written and speaking

If successful, you will be required to undergo a Medical Fitness test.

What We Offer

At Valterra Platinum, you will join a team committed to excellence and impact.

We offer:

• Meaningful work in a high-performance, values-led environment.
• Market-aligned reward and recognition.
• Opportunities for learning, development and progression.
• A culture that respects diversity and encourages innovation.
• A clear commitment to safe Operations.

Inclusion and Diversity

Valterra Platinum is an equal opportunities employer. We are committed to promoting an inclusive and diverse workplace where we value and respect every colleague for who they are and provide equality of opportunity so that everyone can fulfill their potential.
Valterra Platinum has a zero tolerance to dignity harms, these include all acts of gender based violence, bullying, harassment and victimisation. Ensuring the safety of our employees extends beyond physical safety and includes the eradication of harmful behaviours from our workplace. This responsibility extends to everyone at Valterra Platinum both during work hours and outside of work. We are unconditional in creating a respectful, inclusive, and safe working environment to ensure that no colleague will be violated or harassed under our watch.

How to Apply

• To apply for this role, please complete our online application form via this job advert.