Specialist: Cyber Incident and Threat Intelligence
4 days ago
Job number:
Job title: Specialist: Cyber Incident and Threat Intelligence
Job grade: S5
Group/ BU: Corporate
Division: CIO
Span of control: 0-5
Reports to: Senior Management
Core Description
Responsible for identifying, analyzing, and responding to cyber threats and incidents targeting the organization. This role combines deep technical expertise with investigative skills to monitor threat landscapes, detect malicious activities, and provide actionable intelligence to improve the organization's cybersecurity posture. Works closely with SOC teams, digital forensics, and other cybersecurity functions to ensure proactive threat detection and effective incident response.
Job Responsibilities
- Oversee the planning, design, implementation, testing, and operation of cyber breach resilience processes and systems on networks and applications.
- Maintain awareness of the latest and common security threats, attack vectors, and Tactics, Techniques, and Procedures (TTPs) and maintain up-to-date threat profiles.
- Act as an escalation point and subject matter expert for cybersecurity incidents and threat mitigation.
- Develop and maintain incident management plans, procedures, controls, playbooks, and incident response strategies.
- Lead cyber incident simulation exercises.
- Design and implement a disaster recovery plan, ensuring Telkom can effectively respond to unexpected security incidents.
- Monitor dark web, open-source intelligence (OSINT), and threat feeds to identify emerging threats.
- Ensure that adequate processes are in place to collect, analyze, and disseminate threat intelligence from internal and external sources.
- Lead or support cyber incident investigations, including detection, containment, eradication, and recovery processes.
- Enhance detection rules and use cases in XDR and threat detection platforms.
- Correlate intelligence with real-time security events to identify and prioritize threats.
- Develop dashboards, visualizations, and metrics to report on threat trends and incident statistics.
- Stay up to date with cybersecurity trends, zero-day vulnerabilities, and global threat activity.
- Lead and ensure collaboration with the SOC team during incident handling.
- Create threat intelligence reports, indicators of compromise (IOCs), and threat briefs for stakeholders.
FUNCTIONAL KNOWLEDGE
Deep understanding of threat actor tactics, techniques, and procedures; Proficiency in using threat intelligence frameworks; Ability to contextualize and operationalize indicators of compromise; Experience in evaluating open-source and commercial threat intelligence feeds; Competence in producing and validating threat intelligence reports and advisories
FUNCTIONAL SKILLS
Analytical & Investigative; Communication & Interpretation; Decision Making; Problem Solving; Project & Task Management; Risk Awareness
ATTITUDES/ LEADERSHIP COMPETENCIES
Integrity; Assertive; Confident; Initiator; Supportive; Persuasive; Team Player; Problem Ownership
Certifications
Education
- NQF 6: 3-year Diploma/ National Diploma in Information Technology
- 5 years' relevant experience
Certifications:
- Preferred certifications: Must have at least one of the following - CISM, CRISC, CISSP, SABSA or ISO27001/2.
- Additional desired certification: CoBIT, TOGAF, ITIL.
- None
- None
- Enterprise and IT Architects
- Internal Business Customers
- External Customers
- Consultants and specialists
- Executive & Governance Forums
Location: Centurion, Gauteng, South Africa
Company: Telkom Group
Employment type: Full time
Salary: R900 000 - R1 200 000 per year