Specialist: Cyber Security at Transnet

Position Purpose

• The primary purpose of the position is to maintain the safety of the organization's ICT systems and networks as well as providing cyber security architecture to enable the business to achieve its strategic outcomes. The position entails creating, testing, implementing and analysing the effectiveness of various security systems as well as preventing data breaches, monitoring and reacting to attacks.
• The incumbent will be required to evaluate the security posture of the organisations internal and external networks, applications, sensitive internal systems, mobile device application and data coding standards. The incumbent will also emulate threat actors attempting to penetrate the organisations network and complete defined objectives, such as obtaining domain admin privileges, gaining access to sensitive information, or simulating a ransomware attack which will be used to strengthen the organisations security posture.
• The incumbent will also provide cyber security architecture services to enable the business to achieve its strategic outcomes.

Qualifications and Experience

• Qualifications, Experience & Inherent Job Requirements Degree in Information Technology. At least 5 years’ IT experience in the following areas: o Cyber security and architecture Experience in information/cyber security at a senior/expert/specialist level Further certifications preferred: Certified Information System Security Professional (CISSP) Offensive Security Certified Professional (OSCP) certification Certified Cloud Security Professional (CCSP) Advantageous: Honours Degree. SAP Security Certification advantageous Microsoft Certified: Azure Security Standard Job Requirements Driver’s license code 08 Travel as required and approved

Competencies

• Knowledge A knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk desired. Familiarity with Advanced Persistent Threat (APT) activity; Offensive attack hacker mindset preferred. Experience with penetration testing highly desired Wireless, Network and TCP/IP skills along with Unix command, bash scripting, and / or python coding required. Knowledge of Cloud technologies including AWS and Azure Professional experience in both offensive and defensive information security disciplines is strongly desirable. Experience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks. Business change techniques, such as business process re-engineering In depth technical knowledge in the areas of expertise at a world class level. Knowledge of software and hardware technologies - the individual should be familiar with a wide range of applications, operating systems, server applications and tools. Network and server security, including firewalls, VPN, IDS/IPS, anti-virus, patch management, vulnerability management. Business applications including SAP. Domain structures, user authentication, and digital signatures and PKI. Intranet, Extranet, Internet, eCommerce, EDI links with parties within and outside of the organization. Process Control/SCADA/PLC environments would be considered an advantage. Common information security management frameworks, such as International Standards Organization (ISO) 17799/27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (CobiT) frameworks. Knowledge of security issues, techniques and implications across all of the key platforms within the TPL environment, including: Microsoft Windows Server and Desktop, Microsoft SQL Server, SharePoint, UNIX (AIX) Oracle, MaxDB, VPN and remote access technologies, CISCO networking platforms Palo Alto firewall technology, Data leakage prevention, Cryptography, BCM/DRP, Access Control, Wireless Security, Ethical hacking skills, Application Security, IT Cyber Security Risk Assessments.

Equity Statement

• Preference will be given to suitably qualified Applicants who are members of the designated groups in line with the Employment Equity Plan and Targets of the Organisation/Operating Division.

The closing date is on 03/03/2026