Applications Specialist I: Cyber Security: Retail: Cape Town: Permanent Position

SUMMARY:
-

POSITION INFO:

Applications Specialist I: Cyber Security: Retail: Cape Town: Permanent Position

Role Purpose:

To support the delivery and execution of cyber security operations with a primary focus on application security across the software development lifecycle (SDLC). Build and mature appsec as an internal capability to build in security by default. This is a highly technical role requiring practical experience in penetration testing, code reviews, SDLC security and DevOps. The role will be split 50% penetration testing and 50% application security. This is a permanent position based at the Head Office in Cape Town.

Your responsibilities will include:

Responsible for managing and monitoring application security

• Define and manage a risk-based methodology for application security testing and validation.
• Perform internal application and service penetration testing according to the methodology.
• Coordinate external penetration testing where required.
• Help drive and validate remediation of findings.
• Consult with application development teams during projects and initiatives.
• Provide appsec reporting for operational security dashboards.
• Provide guidance via documentation and standards on application security practices.

Responsible for improving application security

• Integrate security practices into the SDLC and DevSecOps under the guiding principle of ‘security by default’.
• Maintain and enhance the toolsets required for mature application security covering pen testing, secure coding, source code analysis and vulnerability management.
• Investigate new approaches, technologies, and automation to mature appsec.
• Provide appsec training.

Responsible for Red Teaming

• Work with the rest of the security operations team to proactively identify vulnerabilities and validate controls across the Client environment.
• Support the team in responding to security incidents.
• Work with, and coordinate, external providers where and when relevant.

Â

The Ideal Candidate for this role will have:

• Grade 12 and relevant degree/diploma (3 years)
• 3 years relevant experience in cyber security, up to 10 years in IT
• Hands on practical experience in application security and penetration testing
• Knowledge of devops / devsecops and the ability to integrate bug resolution into CI/CD processes

Additional Criteria:

• Software development experience
• Relevant qualifications and certifications such as OSCP, OSWE, SANS and CREST
• Ability to script and automate processes
• Practical experience with the MITRE ATT&CK framework is advantageous
• May be required to assist outside of working hours
• Knowledge of Client IT and cyber security landscape, including systemic understanding of key business linkages and dependencies
• Is aware of and responsive to internal and external events and influences on the technical landscape
• Ability to research technology-related concepts, trends, and best practices, and apply findings
• Appropriately derives and organises the essence of information to draw solid conclusions
• Looks beyond symptoms to uncover root causes of problems to be solved
• Synthesises data from different sources to identify trends
• Presents problem analysis and a recommended solution rather than just identifying and describing the problem itself
• Proactively approaches others to obtain missing information
• Demonstrates a results-oriented mindset in planning and implementing activities/projects
• Clearly defines objectives and translates them into workable activities
• Monitors and tracks progress to ensure delivery of all planned commitments, and keeps the appropriate people informed
• Prepares written reports and briefs and communicates ideas clearly
• Speaks fluently in team meetings when presenting information
• Manages existing partnerships within established agreements or contracts; negotiates adjustments when mutually beneficial to do so
• Genuinely cultivates personal bonds with colleagues to enhance performance throughout the organisation
• Adjusts to work effectively within new work structures, processes, requirements, or cultures
• Demonstrates resourcefulness in acquiring necessary knowledge, skills, and competencies to adapt to change

jino.swart@isilumko.co.za

NB! This job is now closed. You can apply for other jobs by uploading your CV.