Job Location :
Head Office, Hq
Job Purpose:
To plan and implement security tests on NMB systems.
Main Responsibilities:
- Perform manual penetration testing of web applications, mobile applications, APIs, external and internal networks.
- Work closely with cross-functional delivery teams, present security test findings, agree upon remediation response plans, and follow-up implementation of the plans.
- Carry out proof of concept on known risks and discovered vulnerabilities against the bank’s environment.
- Recognize and safely utilize penetration testing tools, tactics and procedures.
- Research and develop customized tools and automation scripts to improve the identification of vulnerabilities.
- Develop comprehensive and accurate reports and presentations for both technical staff and management.
- Provide security recommendations in the development and acquisition of the bank’s systems.
- Support third-party security test engagements including regulatory tests conducted at the bank.
- Work with system vendors as well as internal teams in verifying the security of the applications/systems implemented within the bank.
Knowledge and Skills:
- Knowledge of the security testing landscape.
- Knowledge of security of various operating system flavors such as Windows, Linux, and Unix.
- Understanding of network security architecture.
- Scripting skills in at least one scripting language including Python, PowerShell or Bash.
- Pen-testing skills in applications and infrastructure domains.
- Good interpersonal, written, and oral communication skills in English and Swahili.
- Demonstrable honesty, integrity, and credibility; ability to engender the trust and confidence of internal constituency and external partners.
Qualifications and Experience:
- Degree in Cyber Security, Computer Science, Information Systems or related.
- The following certifications are a plus OSCP, eJPT, CEH.
- Experience in software/web development and/or source code review in Python, C/C, C#, Java, VB .NET, ASP.NET, PHP, NodeJS.
- Hands-on experience in Linux and Windows environment.
- Actively participate in Capture The Flag (CTF) events, HackTheBox, TryHackMe or similar.NMB Bank Plc is committed to creating a diverse environment and is proud to be an equal opportunity employer
Job closing date : 28-Mar-2023
ADVERTISEMENT
ADVERTISEMENT
Discussion about this post