IT Application Security Analyst at Stanbic IBTC Bank
Stanbic IBTC Bank is a leading African banking group focused on emerging markets globally. It has been a mainstay of South Africa's financial system for 150 years, and now spans 16 countries across the African continent.
Standard Bank is a firm believer in technical innovation, to help us guarantee exceptional client service and leading edge financial solutions. Our growing global success reflects our commitment to the latest solutions, the best people, and a uniquely flexible and vibrant working culture. To help us drive our success into the future, we are looking for resourceful individuals to join our dedicated team at our offices.
We are recruiting to fill the position of:
Job Title: IT Application Security Analyst
Job ID: 57054
Location: Lagos Island, Lagos
- Analyses information security systems and applications, recommends and develops security measures to protect information against unauthorized modification or loss
- Ensuring that any software developed or acquired meets stringent standards while enabling rapid innovation to meet customer’s ever-changing needs
- Management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.
- Integrating security tools, standards and processes into the product life cycle (PLC)
- Improving and supporting application security tool deployments including static analysis and runtime testing tools
- Integrating threat modeling practices into the product life cycle
- Providing security requirements for test-driven design
- Producing metrics reporting the state of application security programs and performance of development teams against requirements
- Improving and maintaining secure development standards
- Supporting the incident response / architecture review process whenever application security expertise is needed
- Providing penetration testing and standards gap analysis services to internal business and technology partners
- Managing penetration testing services, including both expert consulting and managed services
- Supporting vendor security activities to ensure 3rd party software and development meets security standards
- Managing application framework and perimeter security improvement projects.
Qualifications and Experience
- IT, Computer Science or other Science related courses
- Sound knowledge of risk assessment, code review, ethical hacking, reconnaissance, client server-side attack and countermeasures
- Knowledge of programming (e.g Java, C, Python, php etc)
- Relevant IT certifications, CEH, CISA, CISSP etc would be beneficial.
- Minimum of 5 years experience in IT Security, Information Security Risk, Application development
- Expert Knowledge of VAPT tools usage (e.g. Kali, Metasploit, Nessus, Qualys etc), secure coding, exploitation, Defence, Forensics, Reverse Engineering
- Extensive Knowledge of TCP/IP protocol stacks, OWASP, PCI, ISO 27001 and Application Vulnerability Management and risk
How to Apply
Interested and qualified candidates should:
Click here to apply