Active Roles at Flash Group

Description

RESPONSIBILITIES:

• Lead and manage the 24/7 technology and information security monitoring function, ensuring continuous coverage of Flash systems across all shifts through effective scheduling, workload distribution, and contingency planning.
• Act as the primary escalation authority for complex, high-severity, or time-critical fraud cases and system incidents, driving timely resolution and coordinating cross-functional responses where required.
• Oversee the quality, accuracy, and timeliness of all incident logging, case management records, and shift handover documentation produced by the team.
• Monitor and report on team performance against defined SLAs, KPIs, and quality standards, identifying trends and implementing corrective or developmental actions as needed.
• Develop, maintain, and enforce standard operating procedures, escalation protocols, and runbooks to ensure consistency, compliance, and operational resilience across all monitoring activities.
• Manage team members through the full people management lifecycle, including performance reviews, coaching, development planning, and addressing conduct or capability concerns in line with HR policy.
• Produce data-driven management reports, threat trend analyses, and operational performance dashboards for senior leadership, translating complex technical findings into actional business intelligence.
• Collaborate with information security, fraud, technology, compliance, and risk teams to align monitoring strategy with the organisation’s security posture, risk appetite, and regulatory obligations.
• Identify and champion continuous improvement initiatives to enhance detection accuracy, reduce false-positive rates, and improve overall operational efficiency.
• Drive a culture of technical excellence and continuous learning within the team, including facilitating threat-hunting exercises, knowledge-sharing sessions, and exposure to emerging data and tooling.

Requirements

MINIMUM REQUIREMENTS:

• A diploma or degree in Information Technology, Computer Science, Finance, Business Management, or a related field.
• A postgraduate qualification or management diploma is advantageous.
• Certifications in fraud management (e.g. CFE - Certified Fraud Examiner), cybersecurity (e.g. CompTIA Security+), or IT service management (e.g. ITIL Foundation) are advantageous.
• 5 - 8 years' experience in a cybersecurity operations, fraud analytics, operations centre, or critical systems monitoring environment (required), with at least 1 - 2 years in a formal supervisory or team lead capacity.
• Prior experience within a financial services or payments environment.

REQUIRED KNOWLEDGE / TECHNICAL SKILLS:

• Sound knowledge of detection methodologies, alert triage frameworks, and escalation protocols in a real-time monitoring environment.
• Demonstrated ability to lead, schedule, and performance-manage shift-based operational teams.
• Proficiency in incident and case management tools.
• Strong working knowledge of payment systems and transaction processing (e.g. EFT, card schemes, real-time payments).
• Ability to produce operational reports, shift performance summaries, and management information for senior stakeholders.
• Hands-on experience with Flash or comparable payment processing platforms is advantageous.
• Exposure to monitoring or analytics tools is advantageous.
• Familiarity with cloud-native security tooling.
• Working knowledge of AML, or relevant South African financial regulatory frameworks (e.g. SARB, POPIA) is advantageous.
• Experience authoring or maintaining SOPs, runbooks, and operational process documentation is advantageous.
• Experience in red team / blue team exercises, penetration testing frameworks, or threat modelling methodologies is advantageous.

COMPETENCIES / ATTRIBUTES:

• Leadership & people development - coaches, motivates, and grows a team across rotating shifts, building a high-performance monitoring culture and addressing performance gaps proactively.
• Decision-making under pressure - exercises sound, timely judgement during high-severity cyber, fraud or system incidents, often with incomplete information and under time constraints.
• Analytical thinking - interprets alert patterns, incident data, and team performance metrics to identify systemic risks and improvement opportunities.
• Strategic analytical thinking – synthesis security telemetry, fraud data, and operational metrics to identify systemic risks, detection gaps, and strategic improvement priories beyond the immediate incident.
• Effective communication - conveys complex operational and cyber or fraud-related information clearly to the team, senior management, and cross-functional stakeholders, both verbally and in written reports.
• Accountability & ownership - holds end-to-end accountability for shift operations, SLA adherence, and team compliance with protocols.
• Planning & organising - manages shift rosters, workload allocation, and operational priorities to sustain 24/7 monitoring coverage without gaps.
• Stakeholder engagement - builds effective working relationships with information security, fraud, technology, compliance, risk, and business teams to align monitoring activities with broader organisational goals.
• Continuous improvement - proactively identifies process gaps, false-positive trends, and tooling limitations, and drives enhancements to improve detection effectiveness and team efficiency.

go to method of application »

Description

RESPONSIBILITIES:

• Monitor Flash system dashboards, alerts, and transaction queues in real time across assigned shifts (rotational, with 24/7 coverage) to identify critical anomalies.
• Investigate and triage alerts in line with defined escalation procedures, distinguishing genuine incidents from false positives and taking appropriate action.
• Escalate confirmed fraud cases and critical system events to the team lead and relevant stakeholders promptly and accurately.
• Log all incidents, actions taken, and outcomes in the designated case management system with accuracy and within required timeframes.
• Contribute to the identification of emerging fraud typologies, cyber threat patterns, and system vulnerabilities by analysing historical incident data and surfacing trends.
• Conduct structured shift handovers, ensuring all open items, outstanding alerts, and critical context are communicated to the relieving analyst.
• Adhere to all monitoring protocols, compliance requirements, and standard operating procedures relevant to the role.
• Identify and report recurring alert patterns or system behaviours that may indicate emerging fraud trends or system risks.
• Participate in team briefings, training sessions, and process improvement initiatives to maintain and enhance monitoring effectiveness.

Requirements

MINIMUM REQUIREMENTS:

• A diploma or degree in Information Technology, Computer Science, Finance, Cybersecurity, Data Science or a related field is required.
• Certifications in fraud prevention, cybersecurity, or IT service management are advantageous.
• 1 - 3 years' experience in operations, monitoring, fraud analytics, or IT support environment.
• Experience in a financial services or payments environment is advantageous.

REQUIRED KNOWLEDGE / TECHNICAL SKILLS:

• Ability to interpret and act on security event data, including log analysis, endpoint telemetry, and network traffic indicators, across multiple systems simultaneously.
• Basic understanding of payments systems and transaction flows (e.g. EFT, card schemes).
• Proficiency in Microsoft Office (Excel, Outlook); ability to log and track incidents accurately.
• Familiarity with fraud detection concepts: transaction anomaly scoring, behavioural pattern analysis, and rule-based flagging.
• Understanding of network protocols, system architecture, and common attack vectors.
• Familiarity with cloud monitoring environments.
• Exposure to Flash or similar payment processing platforms is advantageous.
• Knowledge of AML (Anti-Money Laundering) frameworks or regulatory requirements in financial services is advantageous.
• Knowledge of threat intelligence feeds and their integration into detection pipelines.

COMPETENCIES / ATTRIBUTES:

• Attention to detail - accurately identifies patterns, anomalies, and discrepancies across high volumes of transactions and alerts.
• Analytical thinking - assesses alert data and system behaviour to distinguish genuine incidents from false positives.
• Technical problem-solving - applies technical knowledge to investigate alert root causes, enrich incidents with contextual data, and propose detection improvements.
• Effective communication - clearly and promptly escalates issues to the team lead and documents findings with precision.
• Stress tolerance & resilience - maintains focus and accuracy during high-pressure incidents or sustained periods of shift work.
• Teamwork & collaboration - works cohesively within the monitoring team across shift handovers to ensure continuity.
• Accountability & ownership - takes responsibility for assigned monitoring queues and incident actions through to resolution.
• Adaptability - responds effectively to changing alert volumes, system updates, and evolving fraud typologies.
• Continuous learning – actively maintains awareness of the evolving threat landscape, new attack techniques, and advancements in security and fraud detection.