Security Analyst needed at Biovac

About the job Security Analyst
BIOVAC is one of the leading sterile vaccine manufacturers rooted in Africa, with our core purpose being to “protect life”. We are looking to hire a dynamic, passionate, confident, proactive and meticulous Security Analyst to join a goal-oriented team

QUALIFICATIONS NEEDED:

Required:

• Bachelors Degree or National Diploma in Information Security, Computer Science, or related field
• Preferred:
• Industry certifications such as CompTIA Security+, CEH, CISSP
• Training or experience in GxP, ISO 27001, or NIST frameworks
• Experience in pharmaceutical, manufacturing, or regulated industries
• Experience needed to deliver the role seamlessly:
• Minimum 5 years experience in IT security operations or cyber-security analysis
• Experience in threat monitoring, incident response, and vulnerability management
• Hands-on experience with SIEM, EDR, and log analysis tools
• Understanding of network, endpoint, and application security controls
• Familiarity with patch management, identity access management, and risk assessment processes

Preferred:

• Experience supporting GxP-compliant environments
• Exposure to regulatory frameworks (GDPR, POPIA, ISO 27001, NIST)
• Knowledge of secure configurations and system hardening practices

KEY DUTIES & RESPONSIBILITIES OF THE ROLE:

• Core Technical Delivery:
• Security Monitoring and Incident Response
• Monitor and analyze security alerts from various systems and tools (SIEM, EDR, IDS/IPS)
• Investigate potential incidents and coordinate remediation with relevant teams
• Maintain an incident response plan and participate in simulations or tabletop exercises
• Document incidents, lessons learned, and develop preventive measures
• Vulnerability and Risk Management
• Perform regular vulnerability scans, risk assessments, and patch validation
• Track remediation of vulnerabilities and report on closure progress
• Support IT teams in secure configurations and system hardening
• Maintain risk registers and contribute to mitigation planning
• Access Control and Compliance
• Support user access reviews, segregation of duties, and privileged account monitoring
• Ensure alignment with regulatory and internal security requirements
• Maintain documentation for audits and compliance checks
• Contribute to policy and procedure development
• Contribute to cyber-security awareness initiatives and user training
• Research and recommend new security technologies and best practices
• Support audits, vulnerability assessments, and penetration testing
• Drive continuous improvement in incident response and monitoring capabilities
• Quality Management
• Ensure all security processes are aligned with GxP, GMP, and data integrity requirements
• Support audits and ensure findings are addressed promptly
• Maintain documentation for incidents, CAPAs, and security validations

Application Deadline: 30 November 2025