IT Application Security Analyst

Full time @Stanbic IBTC in Networking & Telecommunications Email Job

Job Detail

  • Job ID 6562
  • Career Level Mid-Level
  • Experience 5 Years
  • Qualifications Bachelor’s Degree (BSC)

Job Description

Job Purpose

  • Analyses information security systems and applications, recommends and develops security measures to protect information against unauthorized modification or loss
  • Ensuring that any software developed or acquired meets stringent standards while enabling rapid innovation to meet customer’s ever-changing needs
  • Management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.

Key Responsibilities / Accountabilities

  • Integrating security tools, standards and processes into the product life cycle (PLC)
  • Improving and supporting application security tool deployments including static analysis and runtime testing tools
  • Improving and maintaining secure development standards
  • Supporting the incident response / architecture review process whenever application security expertise is needed
  • Providing penetration testing and standards gap analysis services to internal business and technology partners
  • Managing penetration testing services, including both expert consulting and managed services
  • Integrating threat modeling practices into the product life cycle
  • Providing security requirements for test-driven design
  • Producing metrics reporting the state of application security programs and performance of development teams against requirements
  • Supporting vendor security activities to ensure 3rd party software and development meets security standards
  • Managing application framework and perimeter security improvement projects

Preferred Qualification and Experience
Qualifications and Experience

  • IT, Computer Science or other Science related courses
  • Minimum of 5 years experience in IT Security, Information Security Risk, Application development
  • Expert Knowledge of VAPT tools usage (e.g. Kali, Metasploit, Nessus, Qualys etc), secure coding, exploitation, Defence, Forensics, Reverse Engineering
  • Extensive Knowledge of TCP/IP protocol stacks, OWASP, PCI, ISO 27001 and Application Vulnerability Management and risk
  • Sound knowledge of risk assessment, code review, ethical hacking, reconnaissance, client server-side attack and countermeasures
  • Knowledge of programming (e.g Java, C, Python, php etc)
  • Relevant IT certifications, CEH, CISA, CISSP etc would be beneficial

Other jobs you may like