IT Security Specialist
IT – Infrastructure
Cape Town – Western Cape
IF you’re passionate about internet security and enjoy the challenge of finding robust solutions to complex issues, then your technical expertise as an IT Security Specialist is sought by a fast-paced innovative Investment Firm. Joining its Red Team, you will take charge of continuous assessments of the technologies in use within the business making use of various TTP’s (Tools, Techniques and Procedures) to ensure that they are secure. The ideal candidate will preferably require a Degree in Computer Science or equivalent field and role relevant Certifications like Security Testing. You must have 4+ years Software Security experience, 3+ years of proficiency in at least 1 Scripting programming language and be familiar with Java & Python, Storage experience and implementing technical security controls, Full-Stack (Linux / Unix) software architectures from UI to infrastructure, CI/CD & the ability to take a long-term view of the security posture to proactively fix architectural deficiencies.
- Contribute to the design, implementation, and execution of security review and test methodologies for the testing of services.
- Ensure remediation of risks by partnering with service teams.
- Perform a rolling security review across the estate by penetration testing and red teaming on production systems.
- Scope and perform real-life attack scenarios to test and measure the detection capability and at the same time determine detection thresholds, silent to noisy.
- Work with Development teams across the firm to create comprehensive security tooling and functional improvements at scale.
- Assist with Incident Response if and when called upon and validate that detective and preventative technology approaches work on the newest threats.
- Be a mentor for other members in the team.
- Bachelors’ Degree in Computer Science or similar field or equivalent work experience is desirable.
- Role relevant qualifications, i.e., Security Testing.
- 4+ Years’ experience in Software Security.
- 3+ Years of proficiency in at least 1 Scripting programming language, familiarity with Java and Python.
- Passionate about internet security issues and the threat landscape for popular software & services.
- With the design and implementation of technical security controls.
- Performing or supporting Red Team engagements with an understanding of a holistic assessment.
- Full-Stack (Linux / Unix) software architectures from UI to infrastructure.
- Serverless architectures, and common virtualization techniques (hypervisors/containers/jails) and escapes/exploits from these environments.
- Experience with micro-service, API-based agent, or service-oriented software architectures.
- Operations experience with CI/CD development or managing distributed systems.
- Web service assessment experience with authentication controls, session management, access controls, logic flaws, injection vulnerabilities, request smuggling, cloud privilege escalation, DOS attacks.
- Good oral and written communication skills.