Information Security Consultant: Operati

What will you do?

In the Information Security Consultant: Operations role, you will be part of a team that is responsible for the operational management, monitoring, and improvement of Sanlam’s information security infrastructure and processes. This role ensures that security measures are effective, compliant, and aligned with industry best practices, while supporting the operational readiness of security platforms across the group.You will collaborate closely with cybersecurity, IT operations, risk management, and business teams to safeguard information assets, manage security vulnerabilities and ensure compliance with relevant regulations and standards.

As part of the Sanlam team focusing on Cyber Security Operations services to businesses on the Shared Sanlam Network, you will:

• Support the management of Public Key Infrastructure (PKI) and Firewall compliance.
• Have a strong focus on Vulnerability & Baseline Compliance Management & Security Configuration Management.
• Manage Data Loss Prevention (DLP) and Third-Party Risk Management across various toolsets.
• Contribute to operational security readiness, process improvements and adherence to internal and regulatory security standards.

What will make you successful in this role?

Key Responsibilities:

• Operate and maintain the vulnerability management solutions to identify, assess and remediate security vulnerabilities.
• Manage and monitor DLP (Data Loss Prevention) solutions to prevent unauthorized data access or transfer.
• Administer and support PKI solutions, including certificate issuance, renewal and revocation.
• Support the assessment and monitoring of third-party cyber risk.
• Maintain and optimize security analytics dashboards to provide actionable insights.
• Assist in investigation and response to operational security incidents.
• Identify, recommend and implement enhancements to operational security processes, controls and tooling.
• Ensure operational security practices comply with internal policies, standards and regulatory requirements.
• Stay current on application security trends, emerging threats, best practices and proactively communicate relevant findings or improvement opportunities to management.
• Work with internal teams to raise awareness, provide guidance and enable secure operational practices.

Qualifications and Experience

• Matric
• A relevant IT qualification.
• Information Security certification (Security+, CISSP would be beneficial)
• Any AWS certification preferable.

Professional Experience:

• 3–5 years’ experience in information security operations, cybersecurity, or related roles which includes:
  • Strong knowledge of vulnerability management, DLP, PKI, and third-party risk frameworks.
  • Network experience (TCP/IP, Firewalls, IPS, NAC)
  • Experience with security analytics and dashboarding tools
  • Familiarity with IT governance, risk, and compliance frameworks
  • Operating System management and hardening (Windows, Linux, CIS Hardening Baselines)
  • Data Loss Prevention infrastructure and ruleset management and configuration
  • Knowledge of Identity platforms like Active Directory
  • Vulnerability Management (use of well-known vulnerability scanning tools and interpretation of CVSS scores)

Technical Competencies:

• Hands-on experience with vulnerability management tools and remediation tracking across enterprise environments.
• Administration and monitoring of Data Loss Prevention solutions, policy & ruleset creation and incident handling.
• Knowledge of AWS security fundamentals, including Service Control Policies (SCPs), IAM concepts and shared responsibility model.
• Management of PKI solutions including certificate lifecycle management and encryption standards.
• Experience with third-party risk assessment tools and monitoring vendor compliance.
• Creation and optimization of security analytics dashboards for operational insights and reporting.
• Knowledge of firewall compliance, security configuration management, privileged account management, and web/email filtering.
• Familiarity with security frameworks, regulatory requirements, and IT governance standards (ISO 27001, NIST, COBIT).
• Ability to troubleshoot complex technical issues, with basic scripting/automation skills and understanding of networking protocols and security systems.
• Scripting or automation for security operations (PowerShell, Python, or similar).
• Basic understanding of CI/CD pipelines, including how security controls integrate into build, test and deployment workflows.
• Experience or exposure to hybrid environments (cloud and on-prem) with a clear understanding of the security considerations and operational journey from on-premises infrastructure to AWS cloud.

Knowledge and Skills

Personal Attributes

Build a successful career with us

We’re all about building strong, lasting relationships with our employees. We know that you have hopes for your future – your career, your personal development and of achieving great things. We pride ourselves in helping  our employees to realise their worth. Through its five business clusters – Sanlam Fintech, Sanlam Life and Savings, Sanlam Investment Group, Sanlam Allianz, Santam, as well as MiWay and the Group Office – the group provides many opportunities for growth and development.

Core Competencies

Turnaround time

The shortlisting process will only start once the application due date has been reached. The time taken to complete this process will depend on how far you progress and the availability of managers. 

Our commitment to transformation