JOB SEEKERS
EMPLOYERS
JOBS QUICK-SEARCH
.net
.net developer
a+
abap
account manager
accountant
admin
administrator
analyst
architect
bookkeeper
business analyst
business intelligence
c#
call centre
ccna
cisco
cloud
cobol
consultant
delphi
desktop
desktop support
developer
engineer
finance
graduate
graduates
helpdesk
internship
it manager
it support
it technician
java
java developer
junior developer
legal
linux
manager
marketing
mcse
network
network administrator
oracle
personal assistant
php
php developer
programmer
project
project administrator
project manager
receptionist
sales
sap
secretary
security
sql
support
technical support
technician
test analyst
tester
web developer
NEWSLETTER
FOLLOW US
Tier 3 Technical Specialist , Penetration Testing
Job Ref
269198
Job Type
Permanent
Employer Type
Company
Date Added
15 Nov 2016
Expiry Date 13 Dec 2016
Expiry Date 13 Dec 2016
* There have been 16 applications to this job.
* This job has been viewed 4484 times.
Employer:
Standard Bank
Location:
Gauteng
Salary:
Market related
Benefits:
Role details:
Specialists will be required to work with both business and technology audiences within our environments. This role is also a mentorship role and you will be expected to train and assist the Head of Department to train and up skill the junior staff and technical staff in different business units.
- - - - - - - - - - - - - -
Key responsibilities: Deliver security assessment services including network scanning, vulnerability testing, penetration testing, search engine reconnaissance, and help with incident response.
Assess information security risks associated with both new and existing web, thin-client, and full-client applications in addition to risks in networks and systems.
Communicate findings, risk levels, and fix recommendations verbally, in writing and through presentations to Executive Management and their delegated representatives.
Review new and emerging exploits and vulnerabilities, and understand how to defend against them.
Review both commercial and open-source tools to enhance Standard Banks security testing labs.
Cross-train fellow security team members (architects, analysts, and engineers) on the latest tools and techniques.
Ensure that threat and vulnerability evaluations are performed on a repetitive basis in compliance with Group Policy.
Provide mitigation options to the relevant Head of Technology Risk & IT Security / Business leaders, to reduce risk to an acceptable level, based on the value of the resource to the organization.
Provide requisite support in the event of any crisis to the relevant stakeholders.
Identify, assess and prioritize risks based on clear definitions established with the relevant Head of Technology Risk & IT Security
Ensure accountability is assigned for all identified risks, and measure remediation by line of business.
Coordinate shared service offerings from Penetration Testing services to GTSS Technology Risk & IT Security customer base.
Contribute to development / maintenance of Penetration Testing Service Catalogue
Ensure that declared service levels are being met and provide ongoing support, performance review and mentoring where appropriate.
Ensure adherence of penetration testing per the Information Security Policies / Guidelines /Penetration Testing Policy and Code of Ethics.
Provide recommendations to business and other stakeholders on control measures to minimize and mitigate risk via the bank environment.
Provide risk assessment trends as it relates to penetration testing to assist with the security awareness programmes within the bank.
Mentor, educate and coach team members.
Cross train certified ethical hackers to better understand the banks business lines.
Ensure that staff follows relevant Bank and compliance policies.
Provide training to relevant parties on vulnerabilities, their cause and potential fixes (developers, architects, analysts)
Establish project teams per penetration test and ensure that resources are managed effectively.
Understand and act on those factors that affect the successful delivery of projects
Ensure adherence to IT governance, regulatory and organisational compliance on projects and initiatives
Proactively protect and project a positive image of the GTSS department as well as the bank in all business dealings
Build and maintain good quality relationships with internal and external services suppliers, customers and colleagues.
Proactively protect and project a positive image of the GTSS department as well as the bank in all business dealings.
Provide penetration testing information to enhance policies, process controls and associated systems.
Summary of key relationships:
Heads of Technology Risk & IT Security
Business Information Security Teams
Global Technology Infrastructure
Application Development Teams
Business Infrastructure Teams
Group Operational Risk
Group Audit
Group Legal
Group Compliance
External networks
Vendors
Hacker/pentest forums
Qualifications / knowledge:
Degree or Diploma in Business, IT or a related subject strongly preferred.
Appropriate professional accreditation in Ethical Hacking (CEH) / Audit (CISA) / IT Security/Risk Assessment/ Offensive Security/ Crest strongly preferred.
Business/ Commercial Knowledge:
Strong knowledge of test methodologies and SDLC lifecycle.
Knowledge of test tools/ hardware used in the organization and the penetration testing/hacking community.
Intermediate Project Management.
Intermediate people management.
Good report writing.
Good script writing/ coding/programming
Process management
o Including knowledge of standard business processes including work prioritization, best practices.
Knowledge of domestic and international banking industry.
o Including knowledge of Standard Banks business, products, key clients, business strategy and strategic issues.
o Including knowledge of regulatory requirements of home markets (e.g., SARB, UK, Argentina)
Experience:
Experience in ethical hacking / audit services: 5 - 8 years
Experience with SLDC / development / coding /scripting via multiple platforms: 3 - 5 years
Experience in an information technology role within the banking and /or financial services sector: 3 - 5 years
Experience working with individuals and teams from diverse cultures: 5 - 8 years
Experience working in a multi-vendor and outsourced IT environment: Preferred
Personal Competencies:
Results orientated
Self-motivated
Strong team facilitation skills
Demonstrates confidence
Take responsibility and demonstrate initiative
Ability to learn quickly and multi-task
Operate at a highly skilled technical level
Coaching and training skills
Results orientated
Good written, oral and presentation communication skills
Mentor technical personnel
Ability to think in terms of business outcomes and results
Strong analytical and problem solving skills
Ability to function effectively in a matrix structure
Strong networking skills
Team player approachable, ability to share and consult others
Ability to apply analytical rigour to understand complex business scenarios
An approach that is open to new ideas, practices and methods. The ability to adapt to the requirements of the project, the needs of the sponsors, its environment and people working on it to ensure a successful outcome
Excellent understanding of Core IT concepts
Ability to stay current with IT security trends
Out of the box thinker
An approach that is open to new ideas, practices and methods. The ability to adapt to the requirements of the project, the needs of the sponsors, its environment and people working on it to ensure a successful outcome