CYBER SECURITY SPECIALIST: BLUE TEAM
Job description
· Incident response – identify and respond to security incidents, including containment and investigation.
· Maintaining and enhancing existing and new toolsets (like XDR) required for mature active defence.
· Investigating new approaches, technology, and automation to challenge traditional thinking and raise the level of security.
· Enabling mature active defence processes through continual validation and verification of infrastructure, platform, applications, and data asset controls.
· Enhancing defence continuously – work with the team to update defence capabilities in line with threats, vulnerabilities and exploits identified during red teaming and threat hunting. Automation trumps manual work.
· Managing threat intelligence – contribute towards building and running threat intelligence capabilities.
· Hunting for the needle in the needle stack – proactively search for and identify advanced threats that evade existing security solutions and feed this learning into blue team defence capability.
· Blue team reporting and metrics – assist with building and maturing blue team reporting mechanisms such as dashboards and key cyber metrics.
· Establish relationships with key stakeholders for effective cross-team collaboration and implementation of security operations processes.
· Supporting the broader Cyber Security Team – collaboration to drive and support various operational and strategic initiatives.
· Champion or co-champion internal security solutions and/or processes.
· Help define and set security standards.
· Provide context and guidance to implement security improvements.
Minimum requirements
· Grade 12 and relevant degree/diploma/certifications
· Minimum of 3 years hands-on practical experience working in cyber security operations with a focus on incident response and blue teaming.
· Experience with security technologies and processes covering identity & access management, data security, vulnerability management and general infrastructure (network, platform, cloud, and endpoint) security.
· Experience with defence tools such as EDR, Microsoft security tooling and SIEM.
· May be required to assist outside of working hours / be on standby.
Advantageous
· Relevant blue team and incident response qualifications and certifications such as SANS – Cyber Defence and CREST – Incident Response.
· Practical experience with the MITRE ATT&CK framework.
· Ability to script and automate processes.