Closing date: 12/06/2026. It is the responsibility of the applicant to ensure that HR has received the application before the closing date of the advertisement. Key Information Operating Division: Transnet Property Employee Group: Non Permanent (3 years Fixed Term Contract) Department: Prop, ICT GRC, Infrastructure & Service Location: Johannesburg Reporting To: Snr Manager: IT GRC, Infrastructure & Ser Grade: F Reference: req5007 Position Purpose Providing security support through monitoring, analysis, detection and mitigation of threats against the Transnet environment. Evaluates the effectiveness and efficiency of existing security control measures. Identifies the vulnerabilities that may cause inappropriate or accidental access, destruction, or disclosure of information and establishes security controls to eliminate or minimise exposure. Information security analysts plan and carry out security measures to protect the organisation's computer networks and systems. The responsibility of the information security analyst is continually expanding as the number of cyberattacks increases. Position Outputs Monitor the organisation's networks for security breaches and investigate any violation when one occurs. Analyse the installation and use of software, such as firewalls and data encryption programmes, to protect sensitive information. Prepare reports that document security breaches and the extent of the damage caused by the breaches. Conduct penetration testing, simulating attacks to look for vulnerabilities before they can be exploited. Research the latest information technology (IT) security trends. Develop security standards and best practices for the organisation. Recommend security enhancements to management or senior ICT staff. Create awareness among computer users when they need to install or learn about new security products and procedures. Through a continuous‑improvement programme, review security in existing technologies and propose improved solutions. Work with the Information Security Architect to propose changes to the architecture. Establish relationships with business representatives and key external information risk, security, governance and compliance bodies and evangelise the information security cause to uplift the image of information security and Transnet. Enterprise Information Management Services with both internal and external key stakeholders. Conduct studies within and outside the organisation to ensure compliance of the Transnet Information Security Framework with laws, regulations, standards and industry security norms. Develop and maintain a project security risk template to quickly assess the need for security resources on all new and existing projects within Transnet. Facilitate the rollout of the project security template to all projects in the group. Provide a security consulting service on all Transnet projects, EIMS, Information Security Architecture and OD IMS. Provide a detailed security design and facilitate the implementation thereof for all projects within the group based on a risk assessment in accordance with the security template. Develop or update Information Security related policies and standards for existing or new complex technologies deployed within the enterprise. Provide input into the development and maintenance of the strategies, policies and standards for Information Security, Business Continuance and IT Risk & Compliance. Have continuous understanding of the Transnet information security landscape and perform investigations into solutions (people, process, technology) to mitigate real threats. Work with the EIMS Risk function to ensure Information Security risks are adequately captured, controls identified and ongoing mitigation actions are implemented. Perform pre‑ and post‑implementation security review of key technology implementations. Investigate, and in conjunction with the Security Architect, drive the use of innovative security technology that balances ease of access to information with requirements for security in order to drive and support the Market Demand Strategy. Qualifications and Experience Relevant qualification: National Diploma ICT/Computer Science/Information Technology (NQF 6/7). Advantageous: Transnet Leadership Development Programme. Minimum 5 years of relevant experience in a large enterprise, preferably with 1 year supervisory or specialist experience, including risk management, IT audit, information security, application development, operations, and project management. Certifications such as CISA, CISM or CISSP, ISO 27001, SSCP (Systems Security Certified Practitioner), ISSAP, ISSEP, ISSMP (CISSP Concentrations), CCSA, CHFI, or other equivalent computer hacking, forensics or investigations certifications. Competencies Strategy & Sustainability Innovation Strategy Implementation Strategy Communication Tactical Execution Business Performance & Delivery Planning & Execution Customer focus Problem Solving Driving Performance Digital proficiency Business Forecasting Business Acumen Managing Risk Data Management Business Branding Personal Mastery Stress Management Self‑awareness Learning Orientation Resilience Grit Personal Brand Self‑Discipline Accountability Time Management Positive thinking Goal Setting Managing Relationships Impact & Influence Collaboration Building Partnerships Communication and Engagement Embracing Diversity Networking Managing Conflict Managing Talent Shaping Culture Team Inspiration Building Effective Teams Managing Change Ethical Leadership Leadership Presence Living the Transnet Values Corporate Governance, Risk & Compliance (GRC) Governance, Risk and Compliance (GRC) Strategy Performance Culture Review Governance Structure and resourcing Standards Integrity and Ethical Conduct Safety Practices Risk Management GRC Assessment GRC Performance Strategies Monitoring and Reporting Equity Statement Preference will be given to suitably qualified Applicants who are members of the designated groups in line with the Employment Equity Plan and Targets of the Organisation/Operating Division. #J-18808-Ljbffr