SensePost is Orange Cyberdefense's independent elite consulting arm, renowned for its expertise, 18-year track record and innovation on the frontlines of cyber security. We are currently recruiting for a Security Analyst to join the Scanning Team in Pretoria.
This position is responsible for performing, analysing and communicating Security Vulnerability Scanning for multiple SensePost and all other group customers in support of their own internal Vulnerability Management programs.
The Scanning Team conducts internal and internet scanning for both infrastructure and web applications, as well as for PCI compliance, and are also responsible for producing internet footprints and internal asset discovery reports as well as managing targeted Phishing Campaigns.
Your main responsibilities as a Security Analyst will include:
- Being a company and industry expert in the field of infrastructure and web application vulnerability discovery
- Analyse security scan reports to identify false positives, moderate ratings and verify recommendations
- Perform manual verification or penetration testing to confirm the presence and assess the risk posed by reported vulnerabilities
- Configure scans on behalf of customers with the required correct settings required to comply with targeting and scheduling requirements, as well as appropriate security testing requirements
- Design, configure, manage, analyse and deliver vulnerability scans for PCI ASV compliance purposes
- Perform root-cause analysis and produce vulnerability summary reports for both technical and management audiences
- Perform internal asset-discovery scans and assist customers to understand customers' internal environments and plan a scanning strategy accordingly
- Design, create and manage occasional targeted Phishing campaigns to help customers understand their exposure to this form of attack
- Assist with designing, building, hardening, and maintaining systems used for scanning, footprinting and phishing
To be successful in joining us as a Security Analyst, you must have the following skills and experience:
- Solid experience in IT security and on a recognised vulnerability scanning platform - Qualys, Nessus, Netsparker or similar
- At least 1 of the following qualifications - OSCP, CEH, CISSP, PCI, CREST, OSCE, OSWP
- An IT related degree is desirable
- Strong experience with penetration testing or vulnerability assessment
By joining one of the world’s leading cyber security companies, you will be offered the following:
- An opportunity to join a relaxed and inspired team where your work is valued and appreciation for your work is visibly demonstrated
- A dynamic and open culture with a flat hierarchy, casual office dress and a focus on teamwork
- Opportunities to learn and innovation is encouraged
- Research and personal development time
- Opportunities to travel abroad