Capitec Bank | Penetration Tester 2020
5:42 am
[ad_1]
Capitec Bank | Penetration Tester 2020
Location: Stellenbosch, Western Cape, ZA
Company: Capitec Bank Ltd
Purpose Statement
- The incumbent will form part of the Cyber Offence team, whose goal is to ensure that the business is prepared and skilled to mitigate any cybersecurity threat.
- The incumbent will play a major role in developing “world-class” cybersecurity capabilities within the Bank.
Experience
Min:
- 3+ years of experience in security testing
Ideal:
- 2 – 3 years’ financial services/banking background
- 5+ years of experience in security testing
Qualifications (Minimum)
- Grade 12 National Certificate / Vocational
- Certification in Information Systems Auditing (CISA) or CISSP
Knowledge
Min:
- Manual and automated security testing of infrastructure, networks, and web applicationsservices
- Technical vulnerability assessments (CVE and CVS database knowledge)
- Best practice technical reviews; using the company and industry standards
- Common network protocols, system architecture, and operating systems
- Logical access reviews and audit
- Common cyber-attack techniques
- Working within technically adept teams
- Strong communication and reporting skills, the articulate risk to the business
- Solution and white-boarding of systems to be assessed
- Ability to readunderstand at least 1 scripting language (e.g. Python, Bash, PowerShell, CPHPJava code)
- Experience in testing web services, webmobile applications, and cloud applications
- Proficiency with pen-testing tools (Security distro’s and intercepting proxy tools)
- Understanding and familiarity of vulnerabilities included in methodologies such as OWASP Top 10 (Web, Mobile, API) and OSSINT
- Understanding of system architectures and platforms (e.g. Windows, Unix, Linux, and RedHat)
- Understanding of tiered web applicationservicecloud architectures and related databases (MySQL, MSSQL, and Oracle)
- Understanding of networking protocols and architectures, WAF’s, web and reverse-proxies, DLP, e-mail proxy, DAM, firewalls, and perimeter security technologies
Ideal:
- Building an internal security testing team
- Cyber Security Threat modeling and Attack-Path mapping
- Conducting and participating in Red-TeamPurple teaming exercises
- Experience with the Agile and DevOps models
- Bankingfinancial systems knowledge
- Familiarity with industry regulatory requirements, specific to information security
- Proficiency in scripting with at least 1 scripting language (e.g. Python, Bash, PowerShell)
- Red-Team training within a Microsoft AD networked environment
- C2 staging and implementation environments
- Research and development leading to automation and development of tools to aid in streamlining testing
- Reverse engineering of malwareexploits
Skills
- Communications Skills
Competencies
- Achieving Personal Work Goals and Objectives
- Delivering Results and Meeting Customer Expectations
- Working with People
Additional Information
- A valid driver’s license and own vehicle is preferred
- Clear criminal and credit record
- Contactable via own mobile phone
- Required to be available after hours in case of emergency
- Willingness to work or be available over time and/or weekends if required
Mr Price | DC Administrator 2020
SHOPRITE | Food Technologist- Quality Assurance 2021
Capitec Bank | Money Laundering Investigator
[ad_2]
About The Author
