WE ARE HIRING!

We are seeking a dynamic, passionate, confident, proactive, and meticulous
Security Analyst
to join a high-performing and goal-oriented Information Technology team. The successful candidate will play a key role in protecting enterprise systems, networks, applications, and data by monitoring cybersecurity threats, managing vulnerabilities, ensuring compliance, and supporting continuous security improvement initiatives.

KEY DUTIES & RESPONSIBILITIES

Security Monitoring & Incident Response

• 
  Monitor and analyze security alerts from SIEM, EDR, IDS/IPS, and related security tools
• 
  Investigate cybersecurity incidents and coordinate remediation activities with relevant teams
• 
  Maintain and improve incident response plans and procedures
• 
  Participate in incident simulations, tabletop exercises, and security drills
• 
  Document incidents, root causes, lessons learned, and preventive measures

Vulnerability & Risk Management

• 
  Conduct regular vulnerability scans and security risk assessments
• 
  Validate patch implementation and remediation effectiveness
• 
  Track and report on vulnerability remediation progress
• 
  Support IT teams with secure system configurations and hardening activities
• 
  Maintain risk registers and contribute to mitigation planning initiatives

Access Control & Compliance

• 
  Support user access reviews and privileged account monitoring
• 
  Ensure segregation of duties and access governance controls are maintained
• 
  Assist with compliance activities aligned to regulatory and internal security standards
• 
  Maintain accurate documentation for audits and compliance reviews
• 
  Contribute to the development and enhancement of security policies and procedures

Security Improvement & Awareness

• 
  Contribute to cybersecurity awareness and end-user training initiatives
• 
  Research emerging threats, technologies, and cybersecurity best practices
• 
  Support vulnerability assessments, penetration testing, and security audits
• 
  Drive continuous improvement in monitoring, detection, and incident response capabilities

Quality Management

• 
  Ensure all security processes align with GxP, GMP, and data integrity requirements
• 
  Support internal and external audits and ensure timely remediation of findings
• 
  Maintain documentation relating to incidents, CAPAs, validations, and compliance evidence

COMPETENCIES & SKILLS

• 
  Strong analytical and problem-solving skills
• 
  High attention to detail and accuracy
• 
  Ability to work independently and collaboratively
• 
  Strong communication and stakeholder engagement skills
• 
  Ability to work effectively under pressure and manage multiple priorities
• 
  Strong ethical standards and confidentiality awareness

Requirements

QUALIFICATIONS REQUIRED

Minimum Requirements

• 
  Bachelor’s Degree or National Diploma in Information Security, Computer Science, or a related field

Preferred Qualifications

• 
  Industry certifications such as:
  • 
    CompTIA Security+
  • 
    Certified Ethical Hacker (CEH)
  • 
    Certified Information Systems Security Professional (CISSP)
• 
  Training or practical experience in:
  • 
    GxP environments
  • 
    ISO 27001
  • 
    NIST Cybersecurity Framework
• 
  Experience within pharmaceutical, manufacturing, or other regulated industries

EXPERIENCE REQUIRED

Essential Experience

• 
  Minimum 5 years’ experience in IT security operations or cybersecurity analysis
• 
  Experience in:
  • 
    Threat monitoring and detection
  • 
    Incident response and remediation
  • 
    Vulnerability management
• 
  Hands-on experience with:
  • 
    SIEM platforms
  • 
    Endpoint Detection & Response (EDR) tools
  • 
    Log analysis and monitoring solutions
• 
  Strong understanding of:
  • 
    Network security
  • 
    Endpoint security
  • 
    Application security controls
• 
  Familiarity with:
  • 
    Patch management
  • 
    Identity and Access Management (IAM)
  • 
    Risk assessment methodologies

Preferred Experience

• 
  Experience supporting GxP-compliant environments
• 
  Exposure to regulatory frameworks such as:
  • 
    GDPR
  • 
    POPIA
  • 
    ISO 27001
  • 
    NIST
• 
  Knowledge of:
  • 
    Secure configuration standards
  • 
    System hardening practices
  • 
    Security baselines and compliance controls