Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Jul 18, 2022
    Deadline: Not specified
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Capitec Bank is a South African commercial bank. As of February 2017 the bank was the third largest in South Africa with 120,000 customer opening new accounts per month. To simplify banking, we’ve developed an all-inclusive banking solution. Global One is the one solution that enables you to transact, save and access credit in realtime. We also believe...
    Read more about this company

     

    Penetration Tester

    Purpose Statement

    To ensure that the business is prepared and skilled to mitigate any cyber security threat through

    • Assessing and testing the applications and processes of the Bank.
    • Identifying potential areas of weaknesses from a security perspective.
    • Playing a key role in developing world class cyber security capabilities within the Bank by means of knowledge transfer, education, training and research.

    Experience

    MINIMUM:

    • 3 – 5 years’ experience in cyber security testing
    • Risk identification and communication relating to cyber security

    IDEAL:

    • 5+ years in cyber security testing
    • 2 – 3 years financial services / banking experience 
    • Experience with the Agile and DevOps models

    Qualifications (Minimum)

    • Grade 12 National Certificate / Vocational
    • Certification in Information Technology

    Qualifications (Ideal or Preferred)

    • A relevant tertiary qualification in Information Technology or Information Technology - IT Engineering

    Knowledge

    MINIMUM:

    • Manual and automated security testing of infrastructure, networks, and web applications\services
    • Technical vulnerability assessments (CVE and CVS database knowledge)
    • Best practice technical reviews; using company and industry standards
    • Common network protocols, system architecture, and operating systems
    • Logical access reviews and audit
    • Knowledge of TTP's/MITRE Attack Framework, threat-attack landscape
    • Strong communication and reporting skills, articulate risk to business
    • Solution and white-boarding of systems to be assessed
    • Ability to read\understand at least 1 scripting language (e.g. Python, Bash, PowerShell, C\PHP\Java code)
    • Experience in testing web services, web\mobile applications, and cloud applications
    • Proficiency with pen-testing tools (Security distro’s and intercepting proxy tools)
    • Understanding and familiarity of vulnerabilities included in methodologies such as OWASP Top 10 (Web, Mobile, API) and OSSINT 
    • Understanding of system architectures and platforms (e.g. Windows, Unix, Linux and RedHat)
    • Understanding of tiered web application\service\cloud architectures and related databases (MySQL, MSSQL and Oracle)
    • Understanding of networking protocols and architectures, WAF’s, web and reverse-proxies, DLP, e-mail proxy, DAM, firewalls and perimeter security technologiesEnd User Infrastructure Service technologies (e.g. Print Management Solutions)

    IDEAL:

    • Cyber Security Threat modelling and Attack-Path mapping
    • Conducting and participating in Red-Team\Purple teaming exercises
    • Familiarity with industry regulatory requirements, specific to information security
    • Proficiency in scripting with at least 1 scripting language (e.g. Python, Bash, PowerShell)
    • Reverse engineering of malware\exploits

    Skills

    • Communications Skills
    • Computer Literacy (MS Word, MS Excel, MS Outlook)
    • Attention to Detail
    • Analytical Skills
    • Problem solving skills

    Competencies

    • Adhering to Principles and Values
    • Presenting and Communicating Information
    • Writing and Reporting
    • Applying Expertise and Technology
    • Analysing
    • Learning and Researching
    • Delivering Results and Meeting Customer Expectations

    Conditions of Employment

    • Clear criminal and credit record

    Method of Application

    Interested and qualified? Go to Capitec Bank on careers.capitecbank.co.za to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at Capitec Bank Back To Home

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail