Cyber Security Analyst

• Perform hands-on penetration testing across infrastructure, cloud workloads, applications, APIs, and endpoints.  
• Plan and execute adversary simulations / red team exercises to validate Ozow’s real-world defensive capabilities.  
• Conduct targeted security testing of new features, platform changes, and third-party integrations.  
• Validate remediation through retesting and provide clear technical guidance to engineering teams.  
• Partner with stakeholders to support a purple-team approach, strengthening both prevention and detection.  

• Implement and manage security tools and platforms (e.g., vulnerability scanners, SIEM, endpoint protection, WAFs, IDS/IPS).  
• Monitor infrastructure, applications, and networks for threats and vulnerabilities.  
• Investigate and triage alerts, ensuring appropriate response, documentation, and escalation.  
• Respond to security incidents in collaboration with Infrastructure, Engineering, and Risk teams.  

• Lead regular vulnerability assessments across cloud infrastructure, applications, CI/CD pipelines, and endpoints.  
• Prioritise vulnerabilities based on risk, exploitability, and business impact.  
• Track remediation activities across Engineering and Infrastructure and ensure closure within defined SLAs.  
• Maintain clear reporting on findings, trends, and risk reduction over time.  
• Coordinate external penetration testing engagements where needed, ensuring outcomes translate into measurable improvements.  

• Work closely with Architecture, Infrastructure, and Engineering teams to design and deploy secure architectures and patterns.  
• Contribute to implementation of least privilege, network segmentation, encryption, and modern security best practices.  
• Define and validate secure configuration baselines across environments (aligned to CIS Benchmarks where applicable).  
• Support secure software development lifecycle practices including:  
• Secure design input and threat modelling support  
• Dependency and supply chain risk management  
• Secure configuration and hardening of workloads and services  

• Build and improve automation for repeatable processes (triage, reporting, evidence collection, remediation tracking).  
• Develop internal tools and scripts to accelerate security workflows and reduce manual effort.  
• Explore and implement safe, controlled GenAI use cases to strengthen security and operations (e.g., alert enrichment, investigation support, knowledge tooling, pen-testing).  
• Partner with Engineering and Infrastructure to embed automation into development practices, pipelines and workflows (DevSecOps).  

• Support internal and external audits for standards such as PCI DSS, ISO 27001, GDPR, POPIA, and relevant SARB directives.  
• Assist in implementing and evidencing security controls required by regulatory or customer obligations.  
• Provide technical evidence and documentation to support compliance activities.  
• Ensure systems and processes adhere to internal security policies and procedures.  

• Provide security input into solution designs, infrastructure changes, and third-party integrations.  
• Support Sales and Partnerships by supplying technical security information for merchant and bank due diligence and security questionnaires.  
• Contribute to security awareness initiatives and strengthen a security-first culture across the business.  

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent industry experience).  
• 5+ years of experience in cybersecurity, offensive security, security engineering, or security operations roles.  
• Hands-on experience with penetration testing and/or adversary simulation.  
• Strong working knowledge of vulnerability management and incident response.  
• Familiarity with common security frameworks and standards including ISO 27001, NIST, PCI DSS, CIS Benchmarks, and OWASP.  
• Experience with security tooling such as SIEM, EDR, vulnerability scanners, and cloud security platforms.  
• Strong understanding of AWS security services (or another major cloud provider).  
• Highly technical and detail-oriented, with a strong understanding of security fundamentals.  
• Strong troubleshooting and problem-solving capability with a focus on practical risk reduction.  
• Comfortable working across both offensive and defensive security disciplines.  
• Strong communication skills — able to explain security issues and priorities clearly to technical and non-technical audiences.  
• Self-starter who can operate independently while collaborating effectively across teams.  
• Excited to build and improve security tooling and automation, including responsible GenAI use cases.  

Your skills and competencies

• You eagerly embrace change, absorb cross-functional skills, and connect ideas across disciplines to drive fresh thinking and innovation. 
• Ability to initiate, develop, maintain and leverage outstanding relationships to influence a wide network, both inside and outside the company. 
• A trailblazer who steps up, takes charge, and creates meaningful impact—those driven by performance and purpose to lead from the front and make a real difference every day. 
• You thrive in collaboration, embrace inclusion, and bring a genuine curiosity for global cultures—valuing collective success over individual credit. 
• Demonstrate strategic foresight, sound judgement, and the ability to make confident decisions under uncertainty, always working toward the best possible outcomes. 
• You challenge norms, champion innovation, and constantly seek growth—for themselves, their team, and the solutions they build. 
• You are a decisive doer—those who take initiative, follow through with confidence, and ensure results through courageous, hands-on leadership. 
• We value optimism, agility, and the strength to persevere under pressure—balancing performance with positivity, even in challenging environments. 
• You are driven, proactive individuals who take ownership, face challenges with grit, and consistently push for excellence—not just as participants, but as catalysts for success. 

Interview process 

During the interview process you will meet with the People team, the hiring manager, and relevant CSuite. Be prepared to complete a technical assessment that will showcase your skills.  

In office perks 

• Healthy breakfast, lunches and snacks
• Monthly team connects 
• On-site Barista 
• Birthday Leave

Perks for South African based employees

• Medical aid subsidy
• Group Risk Insurance
• Generous paid annual leave   
• Birthday leave
• Learning and Development opportunities 
• Mentorship programme
• Quarterly team building 
• Community initiatives 
• Access to cutting edge technology - Ozow Tech Stack

Our Employee Value Proposition

Join Ozow and become part of an elite force that challenges the ordinary and achieves the extraordinary. If you're driven to make an impact, embrace challenges, and seek unparalleled opportunities for growth, your journey starts here.

Compliance

As a fintech company, we prioritize data security, confidentiality, regulatory and compliance. Due to the sensitive nature of our work, we require individuals with a high level of integrity and trustworthiness to ensure adherence to financial regulations and industry standards. Given the sensitive nature of our work, all employees are expected to demonstrate professionalism, accountability, and a commitment to ethical conduct in line with financial regulations and industry standards

Ready to be exceptional? Apply now! 

Keen to know more? 

Interested in joining our rocket ship?  

To find out more about life at Ozow, head over to our Careers Page here!