3 First Place, Cnr Simmonds & Pritchard Streets, Johannesburg, 2001
Job Description: An IT Security Analyst with a focus on security architecture experience plays a crucial role in safeguarding an organization’s data and systems against internal and external security threats. Ongoing Security Testing for Online Banking ensures that these applications are secure.
Hello future IT Security Analyst/Architect.
Welcome to FNB, the home of the #changeables. We design for the shapeshifters and deliver products and services that make us incredibly proud of the people that make it happen.
As part of our Core Banking Team, you will be surrounded by unique talents, diverse minds, and an adaptable environment that lives up to the promise of staying curious. Now’s the time to imagine your potential in a team where experts come together and ignite effective change.
Are you someone who can:
Security Architecture Design:
- Develop comprehensive security architectures and frameworks tailored to the organization’s needs. Assess security risks, identify vulnerabilities, and define security requirements to establish a robust security posture.
- Design secure software architectures and applications to mitigate vulnerabilities and prevent exploitation by attackers. Conduct threat modeling, secure code reviews, and penetration testing to identify and address security weaknesses in software systems.
- Evaluate security technologies and recommend solutions to enhance security posture to protect the organization's sensitive information assets.
- Assess information security risks and implement technical controls to safeguard data confidentiality, integrity, and availability.
Research and Evaluation:
- Research new security tools, assess their applicability, and evaluate products and service offerings to enhance the organization’s security posture.
- Perform ongoing Security Testing for Online Banking to ensure that applications are secure, in accordance with the National Credit Act (NCA).
Incident Response and Compliance:
- Support incident response policies. Monitor compliance with security policies, document findings, and ensure successful closure of compliance deficiencies and incidents.
Data Protection and Confidentiality:
- Implement processes to protect data confidentiality, integrity, and availability.
Project Participation:
- Participate in or lead projects assigned by the Chief Information Security Officer (CISO) to meet information security requirements.
- Assist in the design of new business tools and products, ensuring best practices and effective security principles are incorporated.
We would love to see applicants who:
- Have expert knowledge of and experience with security tools/techniques.
- Possess knowledge of security architecture to enhance software development to include security-by-design principles.
- Utilize tools and technologies to conduct ethical hacking and penetration testing with a particular emphasis on custom developed web applications.
- Analyze test results and report on recommendations to rectify any vulnerabilities identified.
- Ensure compliance with security standards within the business unit and organization.
- Consult on projects to identify risks, vulnerabilities, and controls for new developments.
- Identify significant risks during the software development test cycle and implement controls to mitigate these risks.
- Research and assist in the implementation of security products within the organization.
- Perform functional and technical test analysis and testing on security-specific projects.
- Maintain current knowledge of the Information Systems security industry’s emerging technologies.
Qualification AND Experience:
- IT Degree
- Preference for security qualifications (e.g., OPST, CISSP, CISM, Security+)
Additional Requirements:
- Perform security reviews, focusing on testing of major software components and their code.
- Firewall knowledge and experience in firewall reviews and network design.
- Comply with and implement all steps for IT Information Security Processes and Procedures.
- Analyze information security test results and report on recommendations to rectify any vulnerabilities identified.
- Contribute to the implementation and maintenance of corporate-wide information security policies, programs, and standards.
- Perform risk assessments and technical vulnerability analyses.
- Report on mitigating actions required to correct or remedy actions where necessary.
- Consult on projects to identify risks, vulnerabilities, and controls for new developments.
- Perform Security Assessments on internal environments or external 3rd party environments.
#Post
#FNB
#LI-ML2
#J-18808-Ljbffr