Head of Security, Cape Town
Cape Town, South Africa
Posted: a week ago
Description
R140 000,00 per month, depending on level and experience.
Location: Somerset West
Reports To: CTO / CEO
Employment Type: Full-time
About My Exclusive Client
My Exclusive Client is a leading integration and automation platform built on the .NET stack, empowering businesses to connect systems and streamline operations. We’re committed to building secure, resilient software and are seeking a visionary Head of Security who combines deep engineering expertise with cutting‑edge AI‑driven security practices.
Role Overview
We are seeking a Head of Security who operates like an ethical hacker and software engineer in equal measure. This is a hands‑on, dedicated role focused on proactively finding vulnerabilities, securing operational controls, and building AI‑augmented security solutions within our .NET codebase.
You will work primarily at the application layer, identifying attack surface points across the app and broader Microsoft Azure stack, and designing/software‑engineering solutions to fix them. You’ll leverage AI effectively—prompting it correctly to detect issues, generate secure code, and automate vulnerability discovery.
This is not a purely managerial role. You will write code, build security tooling, and engineer solutions directly into My Exclusive Client's platforms.
Key Responsibilities
1. AI-Driven Vulnerability Discovery
Use AI tools and large language models (LLMs) to systematically scan, analyze, and identify vulnerabilities in our .NET codebase
Craft precise prompts and develop AI‑assisted workflows to detect security flaws, insecure patterns, and logical loopholes
Build internal AI‑powered security scanners and automation tools
2. Ethical Hacking & Code-Level Security
Act as an ethical hacker within the codebase: perform deep code reviews, penetration testing, and exploit simulation
Identify security loopholes at the proxy layer, network layer, and infrastructure layer (not just application-level)
Map and analyze attack surface points across the Microsoft security stack (Azure, Entra ID, Defender, Sentinel, Key Vault, etc.)
3. Solution Engineering
Build software solutions (tools, patches, hardening frameworks) in .NET to remediate identified vulnerabilities
Design and implement operational security controls that are sustainable, automated, and measurable
Engineer secure‑by‑default patterns into My Exclusive Client's development lifecycle
4. Operational Controls & Security Strategy
Maintain and extend compliance certifications (e.g. SOC 2 Type II) by defining and enforcing security operational controls across development, deployment, and runtime environments
Conduct risk assessments and threat modeling focused on application, API gateways, and Microsoft Azure infrastructure
Develop incident response playbooks and proactive defense mechanisms
5. Collaboration & Culture
Work closely with engineering teams to embed security into the SDLC
Foster a “peaceful,” proactive security culture focused on discovery and prevention rather than blame
Mentor developers on secure coding practices, AI‑augmented security, and .NET security patterns
What You’ll Build
Detect and patch application‑layer vulns, working with the R&D team
Develop, test and review appropriate configuration for infrastructure
Custom security tooling integrating AI prompts, .NET code analysis, and Microsoft stack hardening
A proactive security culture where vulnerability discovery is celebrated, not punished
Required Qualifications
Technical Skills
5+ years in security engineering, ethical hacking, or application security
3+ years as a software engineer with strong expertise in the .NET stack (C#, ASP.NET Core, Entity Framework)
Deep hands‑on experience with API gateways, reverse proxies, and general network security
Proven ability to use AI/LLMs for security: prompt engineering, automated code analysis, vulnerability generation/detection
Experience building security tooling, scanners, or automation frameworks
Certifications (Preferred but not mandatory)
OSCP, OSCE, or CEH (ethical hacking)
Microsoft certifications: AZ-500 (Security Engineer), SC-900/200
CSSLP, CISSP, or CISM (security leadership)
Soft Skills
Exceptional problem‑solver with a calm, methodical, and peaceful mindset
Strong communication skills to translate technical risks into actionable engineering tasks
Self‑starter who thrives in autonomy and takes ownership of security outcomes
What We Offer
A dedicated, focused role with minimal bureaucracy and maximum impact
Opportunity to pioneer AI‑driven security engineering in a real‑world .NET platform
Competitive salary + benefits
Continuous learning budget (confidence in AI, security conferences, certifications)
Trust‑based culture focused on building and preventing, not reacting
Highlights
Company name: Chosen Online Pty Ltd
Job position: Head of Security
Head of Security has been posted in the Cape Town Government & Public Service category on Locanto.