Security Validation Consultant (VP) at Absa Group Limited (Absa)

Job Summary

• To support the Security Validations Manager in running the daily SV operations. 
• This role will be responsible will be responsible for the execution of the security validation strategy and ensure execution thereof. 
• The Security Validation Consultant is responsible for facilitating the identification, analysis, and exploitation of vulnerabilities in Absa’s systems, networks, and applications. 
• This involves simulating real-world cyber-attacks to assess the security posture of Absa and requesting actionable recommendations from management to mitigate risks. The consultant will work closely with stakeholders to understand their security needs, deliver high-quality Security Validation services, and contribute to the overall improvement of the bank's cybersecurity profile.
• Keep abreast of the latest security threats and malware.

Job Description

Accountability: Vendor management 

• Ensure that vendors are on boarded timeously to avoid delays in the execution of the work.
• Manage a team of third-party vendors conducting security validation tests to ensure that they deliver on the agreed scope and within timelines
• Set the quality requirements for the vendors
• Attend the quarterly business review sessions where vendor performance is discussed

Stakeholder Management 

• Build effective working relationship/information flow with key stakeholders.
• Hold regular communication sessions with relevant stakeholders. Interface with stakeholders (Risk Assurance team, Risk Control Officers, Risk Managers and CIOs) in a constructive and professional manner.
• Become the escalation point in the event of any blockers during an assessment.
• Provide cyber security SME services as and when required by stakeholders.

Financial Management

• Allocate funds to vendors based on the assigned book of work
• Ensure that Pos are allocated for the vendors
• Ensure invoices are processed correctly and on time
• Monitor expenditure against the overall available budget

Accountability: Planning Security testing

• Assist the SV Manager with the formulation of the annual security validation testing book pf work as part of the combined assurance plan in conjunction with the stakeholders
• Schedule scoping sessions with all the relevant stakeholders to commence a pentest
• Work closely with the stakeholders in defining the scope and goals of a test.
• Document and socialize the announcement memo for the scheduled work from the agreed scope of work (SoW) produced by the vendor.

Accountability: Execution

• Coordinate the requirements for the assessment
• Serve as the escalation point of contact for the assessment

Accountability: Reporting

• Socialize the technical report with identified issues for the assessment from the vendor
• Schedule a triage session to discuss the identified issues
• Document the report in the Absa report template
• Obtain management comments for the identified issues
• Obtain AE approval for the report
• Issue final report timeously as the defined
• Provide the required SV information to the Combined Assurance Coordinator for various committees when required

Accountability: Issue Management

• Perform issue validation as per issue management standard

Accountability: Governance

• Contribute to the definition and maintenance of all processes and standards linked to SV testing.
• Support in the development and maintenance of security testing programmes.
• Uphold all documents relevant to the assessment on the allocated system

Education

• Bachelor`s Degrees and Advanced Diplomas: Information Technology (Required)