Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Sep 30, 2020
    Deadline: Not specified
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Note: Never pay any money to any recruiter for any purpose (certificates, medical testing, interview, work kit or any other thing).
    Capitec Bank is a South African commercial bank. As of February 2017 the bank was the third largest in South Africa with 120,000 customer opening new accounts per month. To simplify banking, we’ve developed an all-inclusive banking solution. Global One is the one solution that enables you to transact, save and access credit in realtime. We also believe...
    Read more about this company

    Penetration Tester

    Purpose Statement

    • The incumbent will form part of the Cyber Offence team, whose goal is to ensure that the business is prepared and skilled to mitigate any cyber security threat.
    • The incumbent will play a major role in developing “world-class” cyber security capabilities within the Bank.

    Experience

    Min:

    • 3+ years experience in security testing

    Ideal:

    • 2 - 3 years’ financial services / banking background
    • 5+ years experience in security testing

    Qualifications (Minimum)

    • Grade 12 National Certificate / Vocational
    • Certification in Information Systems Auditing (CISA) or CISSP

    Knowledge

    Min:

    • Manual and automated security testing of infrastructure, networks, and web applications\services
    • Technical vulnerability assessments (CVE and CVS database knowledge)
    • Best practice technical reviews; using company and industry standards
    • Common network protocols, system architecture, and operating systems
    • Logical access reviews and audit
    • Common cyber-attack techniques
    • Working within technically adept teams
    • Strong communication and reporting skills, articulate risk to business
    • Solution and white-boarding of systems to be assessed
    • Ability to read\understand at least 1 scripting language (e.g. Python, Bash, PowerShell, C\PHP\Java code)
    • Experience in testing web services, web\mobile applications, and cloud applications
    • Proficiency with pen-testing tools (Security distro’s and intercepting proxy tools)
    • Understanding and familiarity of vulnerabilities included in methodologies such as OWASP Top 10 (Web, Mobile, API) and OSSINT
    • Understanding of system architectures and platforms (e.g. Windows, Unix, Linux and RedHat)
    •  Understanding of tiered web application\service\cloud architectures and related databases (MySQL, MSSQL and Oracle)
    • Understanding of networking protocols and architectures, WAF’s, web and reverse-proxies, DLP, e-mail proxy, DAM, firewalls and perimeter security technologies

    Ideal:

    • Building an internal security testing team
    • Cyber Security Threat modelling and Attack-Path mapping
    • Conducting and participating in Red-Team\Purple teaming exercises
    • Experience with the Agile and DevOps models
    • Banking\financial systems knowledge
    • Familiarity with industry regulatory requirements, specific to information security
    • Proficiency in scripting with at least 1 scripting language (e.g. Python, Bash, PowerShell)
    • Red-Team training within a Microsoft AD networked environment
    • C2 staging and implementation environments
    • Research and development leading to automation and development of tools to aid in streamlining testing
    • Reverse engineering of malware\exploits

    Skills

    • Communications Skills

    Competencies

    • Achieving Personal Work Goals and Objectives
    • Delivering Results and Meeting Customer Expectations
    • Working with People

    Additional Information

    • A valid driver's license and own vehicle is preferred
    • Clear criminal and credit record
    • Contactable via own mobile phone
    • Required to be available after hours in case of emergency
    • Willingness to work or be available overtime and / or weekends if required

    Method of Application

    Interested and qualified? Go to Capitec Bank on careers.capitecbank.co.za to apply

    Learn how to get a job in any industry you want. Read 72 Hours to The Job You Love

  • Send your application

Back To Home

Career Advice

View All Career Advice

Subscribe to Job Alert

 

Join our happy subscribers

This website uses cookies to improve your experience. By using this site you agree to the storing of cookies on your device to enhance navigation, analyze site usage, and assist in our marketing efforts. To learn more, see our Cookie Policy. Accept and Close
 
 
 
Send your application through

Yahoomail Gmail Hotmail