Job Description

Job Title: Specialist Cyber Security Assurance
Location: Midrand
Duration: 12 months
Brief Description
Reporting to of Manager Cybersecurity & Assurance as the Specialist Cyber Security Assurance, your responsibilities will be to;

• Manage the Security and Privacy by Design Assurance (SPDA) processes
• Ensure that all projects follow the security-by-design principles, and that privacy and security risks are mitigated from the design phase to implementation.
• Conduct internal and external penetration tests on the companys infrastructure, web applications, APIs, and network systems to identify vulnerabilities.
• Assess the security of new and existing systems, products, and services to ensure compliance with company security policies, industry standards, and best practices.
• Safely exploit vulnerabilities to determine the risks of unauthorized access or data compromise.
• Conduct both automated and manual tests to evaluate the resilience of systems against various attack vectors.
• Architect and design cybersecurity systems in line with industry best practices to ensure security, performance, and scalability.
• Collaborate with IT teams to ensure secure integration of new systems and services and that they comply with cybersecurity requirements.
• Implement threat modeling and risk assessments in the design phase of security systems and software.
• Review and provide security assessments of company technology projects to close any MPA risks (Material, Procedural, and Administrative), ensuring that risks are mitigated early.
• Ensure that all projects are designed, executed, and delivered with the required security baselines in mind.
• Stay up-to-date with the latest security trends, attack techniques, and mitigation strategies to ensure the organization remains ahead of emerging threats.
• Research and implement innovative cybersecurity technologies and methodologies to improve overall defense posture.
• Participate in knowledge sharing, training, and mentoring activities within the cybersecurity team to foster a culture of continuous learning and improvement.

Key Skills and Qualifications:

• Experience: Minimum of 3 years in penetration testing or ethical hacking.
• Certifications: Strongly preferred certifications like OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor).
• Technical Skills:

• Proficiency in penetration testing tools such as Kali Linux, Burp Suite, Metasploit, Nessus, etc.
• Strong knowledge of network security, web application security, cloud security, and mobile application security.
• Familiarity with programming/scripting languages like Python, Bash, Ruby, PowerShell, or JavaScript.
• In-depth understanding of TCP/IP, DNS, HTTP/S, SSL/TLS, and other network protocols.
• Solid understanding of common attack techniques like SQL injection, XSS, CSRF, buffer overflow, and others.
• Soft Skills:

• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills, with the ability to articulate complex technical findings to non-technical stakeholders.
• Strong attention to detail and a methodical approach to testing and reporting.

Skills Required