Penetration Tester - Stellenbosch, South Africa - DataTech Recruitment
Description
Penetration Tester required in Cape Town - Hybrid.The role involves conducting security assessments, providing technical expertise and guidance on cyber security, and staying up-to-date with the latest best practices, tools, and technologies.
You should have relevant qualifications, offensive security training, and experience in cyber security testing, particularly in the financial services/banking sector.
You should also possess strong communication and reporting skills, proficiency in scripting and pen-testing tools, and familiarity with various system architectures and regulatory requirements.
Responsibilities
- Conducting security reviews of external service providers and evaluating their integration with systems
- Delivering penetration test reports that clearly communicate cyber security risks and their severity to relevant stakeholders
- Conducting Red/Purple team engagements to assess the security posture of the company's security controls, people, processes, and procedures
- Providing guidance and recommendations on cyber security to various departments and delivery teams across the business
- Contributing to raising awareness of cyber security across the company
- Maintaining existing tools and expanding cyber offence software and hardware to support the security testing capabilities.
Requirements:
To be considered for this role, you must possess the following qualifications, skills, and experience:
- A relevant tertiary qualification in Information Technology/IT Engineering/BSc, BEng, BCom or related experience
- Offensive Security/Ethical Hacking Training (e.g. OSWE, OSEP or equivalent) is ideal
- 3+ years of experience in cyber security testing
- 23 years of experience in financial services/banking
- Experience with Agile and DevOps models
- Understanding and familiarity of vulnerabilities included in methodologies such as OWASP Top 10 (Web, Mobile, API) and OSSINT
- Understanding of system architectures and platforms (e.g. Windows, Unix, Linux, and RedHat)
- Technical vulnerability assessments (CVE and CVS database knowledge)
- Best practice technical reviews using company and industry standards
- Familiarity with common network protocols, system architecture, and operating systems
- Logical access reviews and audit
- Knowledge of TTP's/MITRE Attack Framework, threatattack landscape
- Strong communication and reporting skills to articulate risk to business
- Solution and whiteboarding of systems to be assessed
- Proficiency in scripting with at least 1 scripting language (e.g. Python, Bash, PowerShell, C/PHP/Java code)
- Proficiency with pentesting tools (Security distros and intercepting proxy tools)
- Risk identification and communication relating to cyber security is ideal
- Cyber Security Threat modelling and Attack-Path mapping is ideal
- Conducting and participating in Red-Team/Purple teaming exercises is ideal
- Familiarity with industry regulatory requirements specific to information security is ideal
- Reverse engineering of malware/exploits is ideal.
Job Types:
Full-time, Permanent
Salary:
R80, R85,000.00 per month
Education:
- Diploma (required)
Experience:
Cyber Security Testing: 3 years (required)
- Financial Services / Banking industry: 2 years (required)
- OWASP /
OSINT:
3 years (required)
More jobs from DataTech Recruitment
-
Gmp Training Lead
Cape Town, South Africa - 1 week ago
-
End-user Support Specialist
Century City, South Africa - 5 days ago
-
Junior Internal Sales Representative
Midrand, South Africa - 1 week ago
-
Creditors Clerk
Midrand, South Africa - 4 days ago
-
Product Stock Custodian
Midrand, South Africa - 3 days ago
-
Senior Project Manager
Stellenbosch, South Africa - 2 days ago