Cyber Security Engineer: CISSP l SABSA F1/F2/A1/A3

Cyber Security Engineer: Digital Payment Project: LDC

Make the bank more secure by assisting projects and IT delivery teams make the right decisions when planning and implementing security measures to monitor and protect sensitive data and systems from infiltration or misuse.

Responsibilities:

Provide Security Engineering Expertise:

• Act as subject matter expert wrt security engineering activities, by advising projects, business areas and other engineers on how to implement cyber security controls correctly
• Designing, engineering, planning, implementing, and supporting security solutions by working with projects and business areas from initial design through build and test to providing 2nd line support in production
• Develop detailed security designs that are practical and align to architectural requirements by working with architects and software engineers to realize how cyber security technologies should be implemented
• Actively participates in the day-to-day technical tasks, either project related or incident related, by attending meetings, reviewing deliverables, and performing post incident analysis

Guide Major Programs in making security decisions:

• Assist projects with practical guidance in unpacking and implementing system security requirements, by working with projects in designing and configuring cyber security technologies appropriately
• Assist with the Prototype and Pilot of proposed security solutions by working with projects or running prototypes and pilots to demonstrate the viability of a cyber security control technology
• Provide configuration assistance and troubleshoot implementation issues with security solutions by reviewing tests, implementations and incidents and recommending better ways of working

Provide leadership and guidance to other non-security technical personnel

• Assist projects with practical guidance in unpacking and implementing system security requirements, by working with projects in designing and configuring cyber security technologies appropriately
• Assist with the Prototype and Pilot of proposed security solutions by working with projects or running prototypes and pilots to demonstrate the viability of a cyber security control technology
• Provide configuration assistance and troubleshoot implementation issues with security solutions by reviewing tests, implementations and incidents and recommending better ways of working

Provide technical capability to match information security controls to business risks:

• Providing solutions to security and technical challenges facing the bank presently and future though understanding the evolving risk landscape and developing appropriate control measures
• Provide technical input to organization risk management policies and standards through providing content and review to how business and risk rules can be implemented
• Finding security vulnerabilities by generating various attack scenarios for target systems under development, mapping attack paths and understanding how the bank could be compromised
• Develop countermeasures for identified security vulnerabilities through identifying candidate controls and selecting the most beneficial controls for implementation Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks, through building technical control capabilities and maturing their operational effectiveness.

Requirements:

• Degree: IT / Computer Sciences
• CISSP, SABSA F1/F2/A1/A3
• 7 years: Detailed technical knowledge of database, operating system, and network security controls and how they should be tested
• 7 years: Detailed technical knowledge of representing risk data to technical and business management
• 4 years: Hands on experience in software development including integration development

Technical Stack:

• Information Security l Knowledge of Banking & Financial Services business l Awareness of the Software Development Life Cycle
• IT Risk Management
• Integrate patterns between systems
• IT Architecture

Recruitment Note: Communication will only be with shortlisted candidates: jino.

POPIA DISCLAIMER:

By submitting your application, you agree:

To the processing of your personal information and sharing it with third parties for verifications.

To you exercising of your rights provided for by POPIA.

To Isilumko keeping your personal information confidential.