IT Application Security Analyst Opening at Stanbic IBTC Bank
Stanbic IBTC Bank is a leading African banking group focused on emerging markets globally. It has been a mainstay of South Africa’s financial system for 150 years, and now spans 16 countries across the African continent.
Standard Bank is a firm believer in technical innovation, to help us guarantee exceptional client service and leading edge financial solutions. Our growing global success reflects our commitment to the latest solutions, the best people, and a uniquely flexible and vibrant working culture. To help us drive our success into the future, we are looking for resourceful individuals to join our dedicated team at our offices.
We are recruiting to fill the position below:
Job Title: IT Application Security Analyst
Job ID: 45837
Location: Lagos Island, Lagos
Job Sector: Banking
- Information Technology: systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production.
- Analyses information security systems and applications, recommends and develops security measures to protect information against unauthorized modification or loss
- Ensuring that any software developed or acquired meets stringent standards while enabling rapid innovation to meet customer’s ever-changing needs
- Management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.
Key Responsibilities / Accountabilities
- Integrating security tools, standards and processes into the product life cycle (PLC)
- Improving and supporting application security tool deployments including static analysis and runtime testing tools
- Improving and maintaining secure development standards
- Supporting the incident response / architecture review process whenever application security expertise is needed
- Providing penetration testing and standards gap analysis services to internal business and technology partners
- Managing penetration testing services, including both expert consulting and managed services
- Integrating threat modeling practices into the product life cycle
- Providing security requirements for test-driven design
- Producing metrics reporting the state of application security programs and performance of development teams against requirements
- Supporting vendor security activities to ensure 3rd party software and development meets security standards
- Managing application framework and perimeter security improvement projects
Preferred Qualifications and Experience
- IT, Computer Science or other Science related courses
- Minimum of 5 years experience in IT Security, Information Security Risk, Application development
- Expert Knowledge of VAPT tools usage (e.g. Kali, Metasploit, Nessus, Qualys etc), secure coding, exploitation, Defence, Forensics, Reverse Engineering
- Extensive Knowledge of TCP/IP protocol stacks, OWASP, PCI, ISO 27001 and Application Vulnerability Management and risk
- Sound knowledge of risk assessment, code review, ethical hacking, reconnaissance, client server-side attack and countermeasures
- Knowledge of programming (e.g Java, C, Python, php etc)
- Relevant IT certifications, CEH, CISA, CISSP etc would be beneficial
Knowledge / Technical Skills / Expertise:
- Articulating Information
- Checking Details
- Meeting Timescales
- Interacting with People
- Team Working
- Completing Tasks.