Job Description:

Our client in the financial service space is seeking to employ an independent Cyber Risk Specialist that will be in charge of setting up and managing the cyber risk and information security frameworks and policies for the client.

Responsibilities:

• • Set up an internal second line of defence red team lab to enable targeted testing of the group’s environment as well as effective follow-up of vulnerability remediations.
  • Manage the external red team exercise ensuring that noted risks are remediated and tracked.
  • Review and propose updates to cyber risk management and information security frameworks and policies on an annual basis at a minimum.
  • Enforce implementation of the cyber risk management and information security framework ensuring that key gaps and risks noted are well discussed, actioned and escalated.
  • Support is ensuring the architecting and creation of secure solutions for the cloud that adhere to industry best practices through detailed risk assessments.
  • Support the evaluation of security controls against the IaaS and PaaS offerings provided.
  • Support the creation and management of a new security risk management process to approve and authorize new capabilities and monitor the output of the process.
  • As part of targeted risk assessments, review network architecture and artefact configurations (Firewalls, Routers, Switches, IDS, IPS) and give practical recommendations.
  • Support first-line IT units in coming up with baselines for implementation and in accordance with best practices these include baselines for secure coding, custom scripts and programs.
  • Support in other reviews might be allocated from time to time.
  • Present findings with clarity to management and get buy-in for implementation of controls.
  • Have the capability to mine forensic data for investigative and forensic if called upon.

Requirements:

The Cyber Risk Specialist should fit the following description:

• + 6 years of relevant experience in penetration testing on expansive environments
• A tertiary degree in computer science, IT, Software Engineering, or relevant
• CEH (Certified Ethical Hacker) is a must
• Additional certifications are an added advantage
• Demonstrated skills in penetration testing and ethical hacking

Are you looking to sharpen your Software Development skills to stay relevant in the market? CLICK HERE to have a look at the top schools.

For all your IT certification needs, please, click here for information on how to get started