Head of Security, Cape Town

My Exclusive Client is a leading integration and automation platform built on the .NET stack, empowering businesses to connect systems and streamline operations. We’re committed to building secure, resilient software and are seeking a visionary Head of Security who combines deep engineering expertise with cutting-edge AI-driven security practices.

Role Overview

We are seeking a Head of Security who operates like an ethical hacker and software engineer in equal measure. This is a hands-on, dedicated role focused on proactively finding vulnerabilities, securing operational controls, and building AI-augmented security solutions within our .NET codebase.

You will work primarily at the application layer, identifying attack surface points across the app and broader Microsoft Azure stack, and designing/software-engineering solutions to fix them. You’ll leverage AI effectively—prompting it correctly to detect issues, generate secure code, and automate vulnerability discovery.

This is not a purely managerial role. You will write code, build security tooling, and engineer solutions directly into My Exclusive Client’s platforms.

Key Responsibilities

1. AI-Driven Vulnerability Discovery

Use AI tools and large language models (LLMs) to systematically scan, analyze, and identify vulnerabilities in our .NET codebase
Craft precise prompts and develop AI-assisted workflows to detect security flaws, insecure patterns, and logical loopholes
Build internal AI-powered security scanners and automation tools

2. Ethical Hacking & Code-Level Security

Act as an ethical hacker within the codebase: perform deep code reviews, penetration testing, and exploit simulation
Identify security loopholes at the proxy layer, network layer, and infrastructure layer (not just application-level)
Map and analyze attack surface points across the Microsoft security stack (Azure, Entra ID, Defender, Sentinel, Key Vault, etc.)

3. Solution Engineering

Build software solutions (tools, patches, hardening frameworks) in .NET to remediate identified vulnerabilities
Design and implement operational security controls that are sustainable, automated, and measurable
Engineer secure-by-default patterns into My Exclusive Client’s development lifecycle

4. Operational Controls & Security Strategy

Maintain and extend compliance certifications (e.g. SOC 2 Type II) by defining and enforcing security operational controls across development, deployment, and runtime environments
Conduct risk assessments and threat modeling focused on application, API gateways, and Microsoft Azure infrastructure
Develop incident response playbooks and proactive defense mechanisms

5. Collaboration & Culture

Work closely with engineering teams to embed security into the SDLC
Foster a “peaceful,” proactive security culture focused on discovery and prevention rather than blame
Mentor developers on secure coding practices, AI-augmented security, and .NET security patterns

Required Qualifications

Technical Skills

• 5+ years in security engineering, ethical hacking, or application security
• 3+ years as a software engineer with strong expertise in the .NET stack (C#, ASP.NET Core, Entity Framework)
• Deep hands-on experience with API gateways, reverse proxies, and general network security
• Proven ability to use AI/LLMs for security: prompt engineering, automated code analysis, vulnerability generation/detection
• Experience building security tooling, scanners, or automation frameworks

Certifications (Preferred but not mandatory)

• OSCP, OSCE, or CEH (ethical hacking)
• Microsoft certifications: AZ-500 (Security Engineer), SC-900/200
• CSSLP, CISSP, or CISM (security leadership)

Soft Skills

• Exceptional problem-solver with a calm, methodical, and peaceful mindset
• Strong communication skills to translate technical risks into actionable engineering tasks
• Self-starter who thrives in autonomy and takes ownership of security outcomes

What You’ll Build

• Detect and patch application-layer vulns, working with the R & D team
• Develop, test and review appropriate configuration for infrastructure
• Custom security tooling integrating AI prompts, .NET code analysis, and Microsoft stack hardening
• A proactive security culture where vulnerability discovery is celebrated, not punished

What We Offer

• A dedicated, focused role with minimal bureaucracy and maximum impact
• Opportunity to pioneer AI-driven security engineering in a real-world .NET platform
• Competitive salary + benefits
• Continuous learning budget (confidence in AI, security conferences, certifications)
• Trust-based culture focused on building and preventing, not reacting