Security Testing & GRC Specialist (Pen Tester + Governance, Risk & Compliance)

SUMMARY:

We are seeking a versatile Security Specialist who can combine deep hands-on expertise in ethical hacking and security testing with a strong understanding of governance, risk, and compliance (GRC). This person will ensure our systems are continuously tested for vulnerabilities while also aligning our practices with regulatory and organizational ...

POSITION INFO:

We are seeking a versatile Security Specialist who can combine deep hands-on expertise in ethical hacking and security testing with a strong understanding of governance, risk, and compliance (GRC). This person will ensure our systems are continuously tested for vulnerabilities while also aligning our practices with regulatory and organizational security requirements.

What you'll do:

• Conduct penetration testing, ethical hacking, and vulnerability assessments using industry-standard tools (e.g., BurpSuite, OWASP ZAP, Metasploit, etc.).
• Identify, document, and report security vulnerabilities, providing remediation guidance to development and operations teams.
• Develop and maintain GRC frameworks, policies, and procedures in line with industry standards (ISO 27001, NIST, GDPR, POPIA, etc.).
• Support risk assessments, audits, and compliance initiatives.
• Act as a bridge between technical security testing and compliance-driven governance activities.
• Provide security awareness and compliance training as needed.

Your Expertise:

• Proven experience as a penetration tester, ethical hacker, or security engineer.
• Familiarity with GRC frameworks, regulatory compliance, and audit processes.
• Strong knowledge of application, cloud, and infrastructure security.
• Excellent communication and reporting skills to both technical and non-technical stakeholders.

Behavioural competencies:

• Client-Centric Mindset
  • Demonstrates a strong commitment to understanding and delivering value to clients.
  • Builds trust-based relationships and adapts communication style to diverse client environments.
• Collaborative Leadership
  • Leads by example and fosters a culture of collaboration, knowledge sharing, and mutual respect.
  • Comfortable mentoring junior team members and contributing to a psychologically safe team environment.
• Adaptability Growth Orientation
  • Thrives in dynamic, fast-paced environments and embraces change as an opportunity.
  • Actively seeks feedback and continuously looks for ways to improve personally and professionally.
• Integrity Accountability
  • Upholds high ethical standards and takes ownership of outcomes.
  • Transparent in communication and dependable in delivering on commitments.
• Innovation Problem Solving
  • Brings a proactive, solution-oriented mindset to complex challenges.
  • Encourages experimentation and is open to new technologies, methodologies, and ideas.
• Communication Influence
  • Communicates clearly and persuasively with both technical and non-technical stakeholders.
  • Able to influence decision-making at senior levels through data, insight, and credibility.
• Alignment with Company Values
  • Embodies the core values of our organization (e.g., excellence, inclusion, curiosity, impact).
  • Acts as a cultural ambassador both internally and in client-facing engagements.

Other information applicable to the job:

• Initial contract position
• Location: Johannesburg – hybrid way of work
• Level: Senior

Why work for us?

Want to work for an organization that solves complex real-world problems with innovative software solutions? At iOCO, we believe anything is possible with modern technology, software, and development expertise. We are continuously pushing the boundaries of innovative solutions across multiple industries using an array of technologies. 

You will be part of a consultancy, working with some of the most knowledgeable minds in the industry on interesting solutions across different business domains. 

Our culture of continuous learning will ensure that you will have all the opportunities, tools, and support to hone and grow your craft. 

By joining IOCO you will have an open invitation to developer inspiring forums. A place where you will be able to connect and learn from and with your peers by sharing ideas, experiences, practices, and solutions. 

iOCO is an equal opportunity employer with an obligation to achieve its own unique EE objectives in the context of Employment Equity targets. Therefore, our employment strategy gives primary preference to previously disadvantaged individuals or groups.