|Company:||E-Merge IT Recruitment|
A global financial group providing integrated innovation solutions through advisory, technology, strategic execution, branding, and investment looks to employ the services of a Penetration Tester.
The successful candidate will be required to ensure that the business is prepared and skilled to mitigate any cyber security threat.
The incumbent will play a huge role in developing “world-class” cyber security capabilities within the organization.
Software Testing and development
- Knowledge of the secure software development lifecycle.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, SQL injection).
- Knowledge of web services, including service-oriented architecture (e.g., SOAP, REST) and web service description language (e.g., WSDL, Swagger)
- Knowledge of secure software deployment methodologies, tools, and practices.
- Knowledge of software development models (e.g., Waterfall, Agile).
- Knowledge of data security standards.
- Knowledge of Information and Cybersecurity best practices (. e.g., ISF, CIS, OWASP)
- Bachelor’s Degree in information technology
- Relevant Information Security Certification (CISA, CISSP, CISM)
- Ethical Hacking Training (CEH, GPEN)
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of vulnerability assessment tools, including open-source tools, and their capabilities.
- Knowledge of infrastructure, network, and software penetration testing principles, tools, and techniques.
- Knowledge of root causes analysis techniques.
- Knowledge of cybersecurity principles that apply to infrastructure and network deployments and software development.
- Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
- Knowledge of cyber attackers (e.g., script kiddies, insider threat, organised crime, and nation-states).
- Knowledge of general attack stages (e.g., cyber kill-chain).
- Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
- Knowledge of basic system administration, network, and operating system (Windows and Linux) hardening techniques.
- Knowledge of cryptography and cryptographic key management concepts.
- Knowledge of host/network access control mechanisms (e.g., access control list).
- Knowledge of common network protocols (e.g., TCP, UDP, DHCP, DNS).
- Knowledge of information technology security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defence-in-depth).
- Knowledge of the application and network firewall concepts and functions.
Are you ready for a change of scenery? E-Merge IT recruitment is a specialist niche recruitment agency. We offer our candidates options so that we can successfully place the right developers with the right companies in the right roles. Check out the e-Merge website www.e-merge.co.za for more great positions.
Do you have a friend who is a developer or technology specialist? We pay cash for successful referrals!
Posted on 24 Aug 16:28
011 463 3633