Specialist Solution Analyst at Sabenza IT – Western Cape Cape Town CBD

Our client within the banking sector is looking for a Specialist Solution Analyst.

As a result you will provide security analysis and design input as a member of the Security Engineering team with a focus on establishing the security enablers required by the product engineering community as well as tactical support for teams when needed. The Security Engineering team needs a security analyst, much like an LSC, who can provide specialized input into the efforts of the team as we establish the enablers we need to improve our cyber security posture.

Requirements

  • Participate in threat modeling exercises with product engineering teams.
  • Document threat mitigation patterns that are feasible within the current environment.
  • Design of new mitigation patterns where gaps are identified.
  • Identity security misconfigurations in IT infrastructure eg databases, queues, web servers
  • Establish secure default configurations for IT infrastructure.
  • Select security training material for the Security Champions and product engineering teams.
  • Participate in security training, such as Capture The Flag exercises and walkthroughs
  • Development of security code review guidelines.
  • Development of appropriate access governance controls within the development environment to promote upholding the principles of least privilege and segregation of duties.
  • Input into the evolution of client security standards.
  • Client/Customer:
  • Provide support and contribute to a culture of customer service excellence that meets and exceeds exceptional service.
  • Build relationships with customers that contribute to a culture of customer service excellence.
  • Conduct: Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Policies and Policy Standards
  • Finance: Contribute to the effective reduction of cost and financial wastage in line with organizational policies and procedures.
  • Learning and Growth: Participate in forums that positively contribute to knowledge improvement.
  • Provide advice and support in the management of change and offer operational support where required

Qualifications

  • IT related degree / certificate or equivalent experience
  • Relevant qualification eg CISSP/OSCP/CEH/Security+
  • Min 5 years relevant experience
  • Solid experience in information security
  • Familiarity with application and network security concepts
  • Broad understanding of hosting and cloud environments
  • Understanding of development frameworks
  • Broad understanding of SIEM & Defensive Technologies
  • Strong Unix, Windows and networking security skills
  • Experience developing custom scripts or tools used for vulnerability scanning and identification
  • Excellent communication skills
  • System hardening to eliminate vulnerabilities and reduce attack surface area
  • Threat modeling with development teams
  • Security testing using offensive security testing / ethical hacking techniques
  • Programming / software development

Desired Skills:

Desired Work Experience:

Learn more/Apply for this position

Leave a Comment