Sourceworx

Information Security Team Leader

Sourceworx  •  South Africa (Onsite)  •  3 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description


Role Purpose

The Information Security Team Leader is responsible for leading and executing operational cybersecurity functions, including security monitoring, penetration testing, vulnerability management, and digital forensic investigations The role ensures the protection of organisational and client information assets through proactive security testing, effective incident response, and disciplined investigative practices.

This role acts as the technical and operational lead, translating information security strategy into practical, measurable outcomes while supporting compliance, risk reduction, and service delivery excellence.

Key Responsibilities

1. Team Leadership & Operational Oversight

  • Lead, mentor, and coordinate the Information Security, SOC, and Digital Forensics teams
  • Allocate operational tasks across monitoring, testing, investigations, and support functions
  • Set clear performance expectations and track KPIs for security operations and investigations
  • Support skills development, certifications, and technical maturity within the team

2. Security Operations & Incident Response

  • Oversee daily SOC activities, including threat detection, alert triage, escalation, and response
  • Lead security incident investigations, ensuring proper containment, eradication, and recovery
  • Maintain and test incident response and escalation procedures
  • Produce postincident reports, rootcause analysis, and improvement recommendations

3. Penetration Testing

  • Plan, conduct, or oversee penetration testing engagements (internal, external, web, and endpoint where applicable)
  • Ensure testing activities follow approved methodologies and ethical guidelines
  • Validate vulnerabilities through controlled exploitation where permitted
  • Compile penetration testing reports, including risk ratings and remediation guidance
  • Support remediation verification and retesting activities

4. Vulnerability Assessment & Management

  • Lead regular vulnerability scanning and assessments across infrastructure, applications, and endpoints
  • Analyse scan results to distinguish false positives from real risk
  • Prioritise vulnerabilities based on business impact and threat context
  • Track remediation actions and report on vulnerability trends and risk posture
  • Support secure configuration and patch management initiatives

5. Digital Forensic Investigations

  • Lead and conduct digital forensic investigations into security incidents, fraud, data breaches, and insider threats
  • Ensure evidence is collected, preserved, and analysed in line with forensic standards and legal requirements
  • Maintain chainofcustody documentation and investigation records
  • Produce forensic investigation reports suitable for management, audit, or legal review
  • Support internal disciplinary processes and external investigations where required

6. Risk, Governance & Compliance

  • Support security risk assessments and control reviews
  • Ensure operational compliance with internal policies and external regulatory requirements
  • Contribute to maintaining alignment with frameworks such as ISO 27001, NIST, or equivalent
  • Assist with audits, client security assessments, and assurance activities

7. Security Advisory & Awareness

  • Provide security guidance to IT, development, and business teams
  • Support securebydesign initiatives and change reviews
  • Deliver security awareness and technical training where required
  • Act as a subjectmatter expert for penetration testing and forensic matters

Minimum Qualifications

  • Bachelor’s degree in Information Security, Computer Science, IT, or related field
  • Professional certifications such as CEH, Security+, CHFI, OSCP (advantageous)
  • 4–6 years’ experience in cybersecurity, including hands-on testing or investigation work
  • 2 years in a senior or team leadership role

Technical Skills & Knowledge

  • Penetration testing methodologies and tools
  • Vulnerability scanning and remediation lifecycle
  • Digital forensic tools and investigative techniques
  • SOC operations and incident response
  • Microsoft security technologies (Defender, Sentinel, Intune, Entra ID)
  • Security governance, policies, and risk management

Key Competencies

  • Strong technical leadership and decisionmaking
  • Analytical and investigative mindset
  • High ethical standards and attention to detail
  • Clear written and verbal communication
  • Ability to operate under pressure during incidents
  • Stakeholder and clientfacing professionalism

Performance Measures

  • Effectiveness of penetration testing and remediation outcomes
  • Vulnerability exposure reduction over time
  • Quality and timeliness of forensic investigations
  • Incident response metrics and rootcause resolution
  • Team performance and skills progression
  • Audit and compliance outcomes
Sourceworx

About Sourceworx

SOURCEWORX provides IT solutions that are tailored to suit the unique needs of any organization. With over 16 years of experience in the ICT Industry, our expertise lies in analysing, identifying, solving, and effectively managing various business challenges.

Our approach is centered around comprehensively understanding your ICT landscape and combine this understanding with our extensive expertise to develop custom-made solutions. These customised solutions encompass a Cybersecurity Operations Centre(SOC), Network Operations Centre(NOC), Software development and IT Risk Management.

We offer IT services to Public and Private sector locally and internationally.

Industry
IT & Software
Company Size
51-200 employees
Headquarters
Johannesburg, ZA
Year Founded
Unknown
Website
sourceworx.co.za
Social Media