Specialist Cyber Security Analytics & Assurance
Share
Job Location:
Johannesburg - South Africa
Monthly Salary:
Not Disclosed
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Sasol is a global integrated chemicals and energy company with a 75-year heritage. Through our talented people we use our expertise and selected technologies to safely and sustainably source manufacture and market chemical and energy products globally. When you join Team Sasol you are joining a company that puts people at the center of everything we do.
Sasol invests in its employees along every stage of the career path and offers development opportunities to help you cultivate your career in a culture that embraces diversity and inclusion.
Job Req Id
10748
Closing Date
10 December 2025
OME
CML: Information Management
Geographical Area
Sandton Gauteng
Purpose of Job
Provide first line (operational) assurance to the Cybersecurity team by verifying that security controls are properly designed and operating effectively across core security domains. The role designs and performs control monitoring testing gathers evidence and reports objective outcomes against Sasols IT Critical Cybersecurity Controls (CIS v8.1 mapped to NIST CSF 2.0) and related policies/standards enabling timely remediation and demonstrable compliance. This role is positioned within the Sasol cybersecurity team to drive governance control monitoring and compliance.
Key Accountabilities
1) Control design assurance
Validate control design against internal standards and policies (e.g. AD/Entra ID PAM SOC logging firewall hygiene) raising design gaps and concessions where needed.
Translate enterprise control objectives (CIS/NIST CSF) into testable control statements and SOPs for first line checks across identity endpoint network data protection logging/monitoring and incident response.
Embed doerchecker separation for high-risk activities; ensure evidence trails meet internal and external assurance expectations.
2) Operating effectiveness & continuous monitoring
Plan and execute control tests (periodic and continuous) collecting Outcome-Driven Metrics (ODMs) for the Cyber Safety Score dashboard.
Operate configuration/compliance scans and related health checks to detect baseline drift and control exceptions.
Coordinate detective control coverage checks (e.g. SIEM use-case health log onboarding completeness) to assure alert efficacy.
3) Evidence reporting & governance
Maintain auditable evidence packs mapped to each control/safeguard and to the control library.
Produce clear monthly assurance reports highlighting control status exceptions risks and remediation progress for Cyber leadership and Combined Assurance forums.
4) Issue/exception handling and risk response
Drive remediation tracking with control owners; log and monitor risk responses and concessions per the Cybersecurity Risk Response process.
Support SOX/ITGC sustainment by aligning first-line checks to key access/change/configuration controls and collating compensating-control evidence where needed.
5) Stakeholder collaboration (2nd/3rd line)
Partner with GRC/Compliance (2nd line) and Internal Audit (3rd line) to share first-line results close findings and reduce repeat issues via design improvements and SOP updates.
Formal Education and Certification
Relevant University degree/ B Tech (Information Security / Computer Science / Risk / Audit)
Certifications (one or more advantageous):
Security Operations / Controls: CompTIA Security (ISC)² SSCP CCSP CISACISSP
Governance/Standards: ISO/IEC 27001 Lead Implementer/Lead Auditor
Microsoft Security/IAM: SC-200 SC-300 SC-100 AZ-500
PAM/IAM: vendor certifications (e.g. CyberArk Omada)
SOX compliance certifications
Working Experience
Experience: 6 years in cybersecurity operations or control monitoring/assurance across cybersecurity domains.
Technical Skill
Frameworks/Controls: NIST CSF 2.0; CIS Controls v8.1; ISO/IEC 27001
IAM & PAM; Network & Perimeter Security; Endpoint/Server Protection
Security Logging & Monitoring; Incident Response linkage
Change & Configuration Management; configuration baseline drift detection and evidence capture
Data Security & Protection; backup/recovery verification
Required Personal and Professional Skills
Sasol is an equal opportunity and affirmative action employer. Inspired by our Purpose of Innovating for a better world Sasol acknowledges that diversity is intrinsic to the fabric of our organisation and is the key to our growth and success. Sasol is committed to the full inclusion of all suitably qualified individuals. Preference will be given to applicants from designated groups and people with disabilities according to Sasols Employment Equity Plan. This includes reasonable accommodation to enable individuals with disabilities to perform essential job functions.
Our automated process is designed to efficiently assess a large volume of applications. Should you not hear from us within 60 days of the advert closing then kindly consider your application unsuccessful. Thank you once-more for your interest in Sasol as your employer of choice and we wish you all the best with your career aspirations and future applications with us.
Required Experience:
IC
Key Skills
- CCTV
- Low Voltage
- Network Management
- IDS
- Computer Networking
- Field Service
- ICD Coding
- Military Experience
- Security
- Security System Experience
- Information Security
- Troubleshooting
About Company
Sasol is a global chemicals and energy company. We are a public company listed on the Johannesburg Stock Exchange in South Africa and the New York Stock Exchange in the United States.
