ENVIRONMENT:
A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Security Analyst to join their dynamic team. The ideal candidate will have 2-5 years of hands-on experience in Penetration Testing, with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments, including but not limited to network, mobile, web, thick-client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analyzing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.
DUTIES:
Penetration Testing Duties:
- Work as part of a vulnerability assessment and /or penetration testing team, taking direction from line managers and executing directives in a thorough and timely fashion
- Conduct vulnerability assessments on a wide variety of technologies and implementations utilising both automated tools and manual techniques
- Conduct network penetration tests
- Conduct application penetration tests (web and thick client)
- Conduct wireless and mobile security assessments
- Conduct social engineering assessments
- Conduct physical security assessments
- Effectively communicate successes and obstacles with fellow team members and line managers
- Interface with client contact(s) and staff in a constructive and professional manner
- Develop subject matter expertise in topics to include network, database, wireless and application security assessments and adversarial network operations
- Utilise common vulnerability assessment and penetration testing tools
Red Teaming Duties:
- Working as part of a Red Team and assisting with the following duties (but not limited to):
- Initial reconnaissance – open-source intelligence (OSINT) for collecting information on the targets
- Initial compromise – gaining a foothold into the target environment through targeting weaknesses in people, process and / or technology.
- Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication / persistence in the target’s network.
- Develop tools, techniques and procedures to evade detection by blue team (including the development of custom payloads)
- Escalate privileges and maintain persistence
- Exfiltrate and / or complete objectives
Research and Development Duties
- Research new vulnerabilities with a focus on high-profile products
- Understand the terminology and tactics employed by threat actors Research new attack methods
REQUIREMENTS:
- Minimum 2-5 years of Penetration Testing experience required Including conducting different types of assessments, such as network, mobile, web, thick, wireless, social engineering, physical, etc.
While we would really like to respond to every application, should you not be contacted for this position within 10 working days please consider your application unsuccessful.
COMMENTS:
When applying for jobs, ensure that you have the minimum job requirements. Only SA Citizens will be considered for this role. If you are not in the mentioned location of any of the jobs, please note your relocation plans in all applications for jobs and correspondence. Apply here [URL Removed] e-mail a Word copy of your CV to [Email Address Removed] and mention the reference number of the job.
Desired Skills:
- Security
- Analyst
- jhb