Information Security Consultant

Role Purpose:Responsible for the identification, measurement, control and minimisation of loss associated with infiltration testing (hacking) and other uncertain risks throughout the ICT environment.Investigates, detects and prevents fraud within the company. Reports on fraud investigations to Forensic Audit Manager. Reviews all information collected and evaluates evidence against prevailing legal norms and standards. May give factual evidence in a disciplinary process or in criminal or civil court proceedings. Provides advice and consultancy with respect to risk management practices and concerns in order to improve upon the online channel’s security posture and reduce risks.Qualifications:

Degree or Diploma and/or required Certification with 3 to 5 years related experience.

Minimum 3 – 5 Penetration testing experience

Scripting skills like Perl, Javascript, SQL

Python coding

.Net Coding skills

Experience working with Kali toolset and other open source and COTS hacking tools

Grade 12

Completed a pen testing course like HBN, CEH, OSCP or SANS 504, SANS 560, SANS 561 (or equivalent experience)

The incumbent will be required to Certify his/her skills be completing certification exams over time (CEH/GPEN/OSCP) etc.

Role/Responsibilities:

Perform formal penetration tests on web-based applications, networks and computer systems

Conduct physical security assessments of servers, systems and network devices

Design and create new penetration tools and tests

Probe for vulnerabilities in web applications, fat / thin client applications and standard applications

Pinpoint methods that attackers could use to exploit weaknesses and logic flaws

Employ social engineering to uncover security holes (Like poor user security practices or password policies)

Incorporate business considerations (Like loss of earnings due to downtime, cost of engagement) into security strategies

Research, document and discuss security findings with management and IT teams

Review and define requirements for information security solutions

Work on improvements for security services, including the continuous enhancement of existing methodology material, monitoring capabilities and preventative controls.

Provide feedback and verification as an organization fixes security issues

Although the focus is on Offensive security this role will work closely with the defensive security disciplines (Blue Team) and assist in development of systems to automate and improve response times of this team as well.

Send a detailed copy of your CV to Bonita ((email address) – replace the AT with @)Should you not be contacted within 7 days, please consider your application as unsuccessful.

