JOB SEEKERS
EMPLOYERS
JOBS QUICK-SEARCH
.net
.net developer
a+
abap
account manager
accountant
admin
administrator
analyst
architect
bookkeeper
business analyst
business intelligence
c#
call centre
ccna
cisco
cloud
cobol
consultant
delphi
desktop
desktop support
developer
engineer
finance
graduate
graduates
helpdesk
internship
it manager
it support
it technician
java
java developer
junior developer
legal
linux
manager
marketing
mcse
network
network administrator
oracle
personal assistant
php
php developer
programmer
project
project administrator
project manager
receptionist
sales
sap
secretary
security
sql
support
technical support
technician
test analyst
tester
web developer
NEWSLETTER
FOLLOW US
Technical Specialist Penetration Testing
Job Ref
265977
Job Type
Permanent
Employer Type
Company
Date Added
15 Nov 2016
Expiry Date 13 Dec 2016
Expiry Date 13 Dec 2016
* There have been 48 applications to this job.
* This job has been viewed 6763 times.
Employer:
Standard Bank
Location:
Gauteng
Salary:
Market related
Benefits:
Role details:
Job purpose:
As Tier 3 Technical Specialist, Penetration Testing at Standard Bank, you will assess security risks related to our business information technology systems.
Specialists will be required to work with both business and technology audiences within our environments. This role is also a mentorship role and you will be expected to train and assist the Head of Department to train and up skill the junior staff and technical staff in different business units.
- - - - - - - - - - - - - -
Key responsibilities:- Deliver security assessment services including network scanning, vulnerability testing, penetration testing, search engine reconnaissance, and help with incident response.
- Assess information security risks associated with both new and existing web, thin-client, and full-client applications in addition to risks in networks and systems.
- Communicate findings, risk levels, and fix recommendations verbally, in writing and through presentations to Executive Management and their delegated representatives.
- Review new and emerging exploits and vulnerabilities, and understand how to defend against them.
- Review both commercial and open-source tools to enhance Standard Banks security testing labs.
- Cross-train fellow security team members (architects, analysts, and engineers) on the latest tools and techniques.
- Ensure that threat and vulnerability evaluations are performed on a repetitive basis in compliance with Group Policy.
- Provide mitigation options to the relevant Head of Technology Risk & IT Security / Business leaders, to reduce risk to an acceptable level, based on the value of the resource to the organization.
- Provide requisite support in the event of any crisis to the relevant stakeholders.
- Identify, assess and prioritize risks based on clear definitions established with the relevant Head of Technology Risk & IT Security
- Ensure accountability is assigned for all identified risks, and measure remediation by line of business.
- Coordinate shared service offerings from Penetration Testing services to GTSS Technology Risk & IT Security customer base.
- Contribute to development / maintenance of Penetration Testing Service Catalogue
- Ensure that declared service levels are being met and provide ongoing support, performance review and mentoring where appropriate.
- Ensure adherence of penetration testing per the Information Security Policies / Guidelines /Penetration Testing Policy and Code of Ethics.
- Provide recommendations to business and other stakeholders on control measures to minimize and mitigate risk via the bank environment.
- Provide risk assessment trends as it relates to penetration testing to assist with the security awareness programmes within the bank.
- Mentor, educate and coach team members.
- Cross train certified ethical hackers to better understand the banks’ business lines.
- Ensure that staff follows relevant Bank and compliance policies.
- Provide training to relevant parties on vulnerabilities, their cause and potential fixes (developers, architects, analysts)
- Establish project teams per penetration test and ensure that resources are managed effectively.
- Understand and act on those factors that affect the successful delivery of projects
- Ensure adherence to IT governance, regulatory and organisational compliance on projects and initiatives
- Proactively protect and project a positive image of the GTSS department as well as the bank in all business dealings
- Build and maintain good quality relationships with internal and external services suppliers, customers and colleagues.
- Proactively protect and project a positive image of the GTSS department as well as the bank in all business dealings.
- Provide penetration testing information to enhance policies, process controls and associated systems.
Qualifications / knowledge:
- Degree or Diploma in Business, IT or a related subject strongly preferred.
- Appropriate professional accreditation in Ethical Hacking (CEH) / Audit (CISA) / IT Security/Risk Assessment/ Offensive Security/ Crest strongly preferred.
Business/ Commercial Knowledge:
- Strong knowledge of test methodologies and SDLC lifecycle.
- Knowledge of test tools/ hardware used in the organization and the penetration testing/hacking community.
- Intermediate Project Management.
- Intermediate people management.
- Good report writing.
- Good script writing/ coding/programming
- Process management
1. Including knowledge of standard business processes including work prioritization, best practices.
- Knowledge of domestic and international banking industry.
1. Including knowledge of Standard Bank’s business, products, key clients, business strategy and strategic issues.
2. Including knowledge of regulatory requirements of home markets (e.g., SARB, UK, Argentina)