Analyst, Vulnerability Management - Security Cyber
Job Overview
Business Segment: Group Functions
Location: ZA, Gauteng, All Major Cities, Head Office Sites
To provide expert professional knowledge and technical skills within a specialist area. To execute the bank's information security initiatives, enabling management to make the appropriate decisions and monitoring the protection of sensitive data and systems.
Qualifications
- 5-7 years experience in risk management and identifying mitigating strategies and plans
- 5-7 years strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions
- 8-10 years experience in technical and business management; databases, operating systems, and network security controls
Additional Information
- Adopting practical approaches
- Articulating information
- Interpreting data
- Making decisions
- Producing output
- Providing insights
- Research and keep up to date on application security threats and vulnerabilities, tools, techniques and procedures, trends, and mitigation strategies.
- Working knowledge of OWASP, the MITRE ATT&CK framework, SANS, or other security-related frameworks and familiarity with application threat modelling or other risk identification techniques.
- Support purple teaming exercises designed to build cyber resiliency across disparate security teams.
- Familiarity with vulnerability management and scanning tools such as Rapid7, Qualys, Nessus, Tenable.
- Familiarity with defensive technologies such as security information and event management systems (SIEMs), endpoint protection (EPP) and endpoint detection/response (EDR) tools, threat intelligence platforms (TIP), and open-source intelligence (OSINT) tools.
- Proficiency in scripting languages such as Python, PowerShell, Bash and Ruby is an added advantage; competency with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, PowerShell Empire and AutoSploit is also an added advantage.
Please note: All our recruitment processes comply with the applicable local laws and regulations. We will never ask for money or any form of payment as part of our recruitment process. If you experience this, please contact our Fraud line on +27 800222050 or
#J-18808-Ljbffr