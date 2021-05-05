Penetration Tester – Bryanston – up to R750k per annum at e-Merge IT Recruitment

May 5, 2021

Penetration Tester – Bryanston – up to R750k per annum

A global financial group providing integrated innovation solutions through advisory, technology, strategic execution, branding, and investment looks to employ the services of a Penetration Tester.

The successful candidate will be required to ensure that the business is prepared and skilled to mitigate any cyber security threat. You will play a huge role in developing “world-class” cyber security capabilities within the organization.

Requirements:

Software Testing and development

  • Knowledge of the secure software development lifecycle
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, SQL injection)
  • Knowledge of web services, including service-oriented architecture (e.g., SOAP, REST) and web service description language (e.g., WSDL, Swagger)
  • Knowledge of secure software deployment methodologies, tools, and practices
  • Knowledge of software development models (e.g., Waterfall, Agile)
  • Knowledge of data security standards
  • Knowledge of Information and Cybersecurity best practices (. e.g., ISF, CIS, OWASP)

Qualifications

  • Bachelor’s Degree in information technology
  • Relevant Information Security Certification (CISA, CISSP, CISM)
  • Ethical Hacking Training (CEH, GPEN)
  • Knowledge of cyber threats and vulnerabilities
  • Knowledge of vulnerability assessment tools, including open-source tools, and their capabilities
  • Knowledge of infrastructure, network, and software penetration testing principles, tools, and techniques
  • Knowledge of root cause analysis techniques
  • Knowledge of cybersecurity principles that apply to infrastructure and network deployments and software development
  • Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity
  • Knowledge of cyber attackers (e.g., script kiddies, insider threat, organised crime, and nation-states)
  • Knowledge of general attack stages (e.g., cyber kill-chain)
  • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
  • Knowledge of basic system administration, network, and operating system (Windows and Linux) hardening techniques
  • Knowledge of cryptography and cryptographic key management concepts
  • Knowledge of host/network access control mechanisms (e.g., access control list)
  • Knowledge of common network protocols (e.g., TCP, UDP, DHCP, DNS)
  • Knowledge of information technology security principles and methods (e.g., firewalls, demilitarized zones, encryption)
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defence-in-depth)
  • Knowledge of the application and network firewall concepts and functions

Desired Skills:

  • SQL
  • SOAP
  • Waterfall
  • Agile
  • Swagger

Desired Work Experience:

  • 5 to 10 years

Desired Qualification Level:

  • Degree

