Our client based in Cape Town are seeking the skills of a Cyber Security Specialist-Red Team
Our client is searching for an energetic, output-driven and skilled Red Teamer to support the execution of the cyber security strategy and roadmap with a primary focus on red teaming and purple teaming. You’ll help building and maturing the ability to test, validate and mature controls within the context of red and purple teaming. This includes responsibility for penetration testing and application security. This is a technical role requiring practical experience in penetration testing, red teaming, and SDLC security.
Main job function
• Hacking the planet – get your hands dirty and pull apart code, whether it is application, mobile, platform, container or on-premise or cloud infrastructure - and look for bugs.
• Coordinate application and infrastructure penetration testing with internal and external parties according to our internal methodology and where relevant, in line with compliance requirements (e.g., PCI).
• Support the building and maturing of the red and purple teaming capability area, leveraging technology and automation with the goal of continual control validation.
• Modelling Threats – enhance and optimise infrastructure, platform, application and mobile security by identifying threats, vulnerabilities and associated countermeasures.
• Draft funky but professional reports to detail the findings of the assessments, including appropriate recommendations to mitigate identified security issues.
• Help drive and validate remediation of findings.
• Maintain and enhance cool toolsets – manage the relevant tools required for mature product security that include pen testing, secure coding and source code analysis. Investigate new approaches, technology and automation to challenge traditional thinking and raise the level of security.
• Secure the development of products– integrate security practices into the software development lifecycle, verify the security of internally and externally developed applications and services during and after development and deployment. Actively participate in the SDLC though guidance, education, input and facilitation.
• Consult with application development teams during projects and initiatives.
• Provide AppSec reporting for operational security dashboards.
• Provide AppSec guidance via documentation, standards, and collaboration.
Supporting the Blue Team to wield their shields
• Support the team in responding to security incidents when needed.
Supporting the broader Cyber SecOpsTeam
• Collaborate with the broader SecOps Team, to drive and support various operational and strategic initiatives.
• Champion or co-champion internal security solutions and/or processes.
Matric
Relevant qualifications and certifications such as OSCP, OSWE, SANS and CREST advantageous
Minimum of 4 years’ hands on experience in penetration testing and red teaming
• Experience with tools such as Burp Suite, Checkmarx, Cobalt Strike and Metasploit
• Knowledge of programming languages, Android, iOS and Huawei
• Demonstrated track record of applying technical knowledge to help improve security
• Ability to adapt and take on new tasks and challenges
• Ability to script and automate processes
A Consultant will be in touch if you are shortlisted for the position. Please consider your application unsuccessful should you not have been contacted within 2 weeks. We will keep your CV on our database and contact you should you match the criteria of any other vacancies.
