Career Opportunities with NETSTOCK

A great place to work.

 
Careers At NETSTOCK

Current job opportunities are posted here as they become available.


 

 

 

Information Security & Vendor Risk Compliance Specialist (remote, South Africa only)

Department: IT Security
Location:

Job Title: Information Security & Vendor Risk Compliance Specialist
Reports To: Manager, Certification, Data Privacy and Internal Audit
Employment Type: Full-Time, Permanent, remote

Your role

Netstock is looking for an experienced Information Security & Vendor Risk Compliance Specialist to join our growing team. In this critical role, you’ll help safeguard our organization by assessing third-party risks, maintaining our Information Security Management System (ISMS), and driving compliance with international data protection standards.

You'll bring your cybersecurity expertise to the table, especially your knowledge of ISO 27001, NIST, and key risk assessment frameworks, to support internal IT audits, evaluate vendor security practices, and contribute to Netstock’s ongoing regulatory compliance initiatives.
This role is ideal for someone with strong analytical and communication skills, a proactive mindset, and a passion for cybersecurity and risk management. If you're ready to play a pivotal role in strengthening Netstock’s security posture, we’d love to hear from you.

Required Experience

  • Direct experience conducting third-party due diligence, evaluating vendors, partners, or suppliers, conducting IT internal audits and maintenance of the ISMS.
  • Cybersecurity Experience: A strong background in cybersecurity, including experience with and knowledge of key security concepts such as vulnerability management, incident response, and network security. This is important because you need to evaluate the security posture of third parties to assess whether their systems and practices could pose a risk to your organization. You will need to perform internal audits against security controls.
  • Third-Party Risk Management: Direct experience with third-party risk assessments, focusing on how third-party vendors and service providers manage security and data protection. This includes assessing risks related to data breaches, cybersecurity threats, and the potential compromise of sensitive information.
  • Compliance and Regulatory Knowledge: Familiarity with relevant compliance standards and regulations.
  • Information Security Management Systems: Direct experience managing, maintaining, and improving the Information Security Management System (ISMS) in accordance with ISO 27001 or similar frameworks. Experience conducting IT internal audits to assess IT systems, infrastructure, and processes for compliance with internal security policies and standards.


Education
Certifications: ISO 27001 Lead Auditor and other relevant security certifications.

Technical skills

Information security knowledge

  • Understanding of security frameworks (ISO 27001, NIST, CIS Controls)
  • Familiarity with security best practices, including secure software configurations and secure coding practices
  • Experience reviewing technology security risks, such as software libraries, desktop software, and technology assessments

Risk assessment and management

  • Ability to perform security and privacy risk assessments
  • Skilled in maintaining and updating risk registers
  • Competence in assessing and documenting risk treatments
  • Experience performing gap analysis and implementing corrective action plans
  • Competency in performing Artificial Intelligence impact assessments

Privacy and data protection

  • Familiarity with global privacy regulations (e.g., GDPR, POPIA, CCPA)
  • Experience conducting Data Protection Impact Assessments (DPIA)
  • Ability to perform Legitimate Interest Assessments (LIA)
  • Maintaining personal data registers and retention schedules
  • Knowledge of managing personal data breaches and notifications

Compliance and regulatory expertise

  • Understanding of vendor compliance and due diligence processes
  • Familiarity with privacy and regulatory obligations embedded within contracts
  • Capability in reviewing data processing activities against regulatory requirements
  • Ability to interpret contractual terms and conditions from a security and privacy perspective
  • Skilled in identifying and clearly communicating contractual obligations to the business

Information Security Management Systems

  • Design, implement, and lead the internal IT audit function
  • Conduct audits of IT systems, infrastructure, and processes to identify risks, weaknesses, and non-compliance.
  • Monitor and report on compliance with internal policies, POPIA, ISO standards, and relevant cybersecurity frameworks.
  • Assist with the process of updating, revising, and improving ISMS documentation to reflect changing risks, regulatory requirements, and business needs.

Soft skills

  • Strong written and verbal communication to liaise clearly with stakeholders
  • Ability to translate technical security/privacy terms into understandable business language
  • Detail-oriented approach to evaluating contracts and vendor information and to conducting internal audits.
  • Accuracy in describing controls, processes, and compliance requirements.
  • Strong analytical skills to effectively identify, assess, and prioritise risks
  • Proficiency in maintaining accurate, thorough, and organised documentation (risk registers, vendor assessments, incident reports, internal audit reports, etc.)
  • Ability to clearly and concisely document audit findings, observations, and recommendations.
  • Ability to translate complex security concepts into clear, concise, and actionable language.
  • Collaboration and stakeholder management
  • Ability to effectively collaborate across teams, including business stakeholders, technical teams, legal, and vendors
  • Confidence in working with external vendors to gather necessary security/privacy information
  • Capacity to manage multiple assessments and reviews simultaneously
  • Strong organisational skills to maintain accurate documentation, reporting schedules, and deliverable timelines

We receive a high number of applications per role and therefore ONLY successful applicants will be contacted.

This role is open to residents of the Republic of South Africa. Although we may consider candidates with permanent residency, preference will be given to citizens of the Republic of South Africa.

Working with us

Netstock was founded with a clear vision: To give the hungry up-and-comers the capability to level the playing field and compete with the industry giants. Working here means embracing that “challenger” mentality: We are smart, scrappy fighters, building our edge with the agility to move faster than the big guys — pioneering smarter ways to work and innovating new ways to deliver powerfully easy to use technologies for our customers.

About us

Netstock is the driving force accelerating the growth of organizations worldwide. Over the last 15 years, we’ve built out a regional presence that gives us deep insights into supply chain planning factors in each industry. We continue to enhance our supply chain planning solutions, making our predictive engine smarter, accelerating automation, and adding sophisticated new capabilities such as AI and machine learning.

You can read more about Netstock’s history and our product offering at Netstock

 

 

 

 
