Security Specialist
  • South Africa Johannesburg
  • BASHR Consulting
1 year before
31.12.2023
Protect and Defend
Vulnerability Assessment and Management
Job Description

About the job
Position is ideal for a well rounded IT professional with excellent skills and knowledge in IT Securities. Candidate will be responsible for technical security tools, ensure all Information Security policies and procedures are followed as well as provide sound security advice to our clients. Will also assist with cyber security awareness, deployment of new security solutions


Minimum Requirements


Relevant Information Technology Qualification (B-Tech or Degree)
CISSP
Working with Qualys Vulnerability Management and Web Application Scanning.
Must have previously worked with Forti Analyzer
A very good knowledge of Symantec Endpoint Protection and Encryption
Knowledge of industry frameworks (ISO 27001/2, COBIT, ITIL)

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0009   Knowledge of application vulnerabilities.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
Required Skills
  • S0001   Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • S0009   WITHDRAWN: Skill in assessing the robustness of security systems and designs. (See S0027)
  • S0081   Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
  • S0137   Skill in conducting application vulnerability assessments.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Required Abilities
  • A0001  Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).