Analyst, Vulnerability Management - Security Cyber at Standard Bank Group

Job Description

To provide expert professional knowledge and technical skills within a specialist area. To execute the bank's information security initiatives, enabling management to make the appropriate decisions and monitoring the protection of sensitive data and systems.

Qualifications

•  A degree in Information Technology
• 5-7 years Experience in risk management and identifying mitigating strategies and plans
• 5-7 years Strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions
• 8-10 years Experience in technical and business management; databases, operating systems, and network security controls

Behavioral Competencies:

• Adopting Practical Approaches
• Articulating Information
• Interpreting Data
• Making Decisions
• Producing Output
• Providing Insights

Technical Competencies:

• Research and keep up to date on application security threats and vulnerabilities, tools, techniques and procedures, trends, and mitigation strategies.
• Working knowledge of OWASP, the MITRE ATT&CK framework, SANS, or other security-related frameworks and familiarity with application threat modelling or other risk identification techniques and Support purple teaming exercises designed to build cyber resiliency across disparate security teams.
• Familiarity with vulnerability management and scanning tools such as Rapid7, Qualys, Nessus, Tenable.
• Familiarity with defensive technologies such as security information and event management systems (SIEMs), endpoint protection (EPP) and endpoint detection/response (EDR) tools, threat intelligence platforms (TIP), and open-source intelligence (OSINT) tools.
• Proficiency in scripting languages such as Python, PowerShell, Bash and Ruby is an added advantage and competency with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, PowerShell Empire and AutoSploit is an added advantage.