Job no.: IRC33926
Job title: Applications Security Specialist
Organisation: CTO Cluster: Cross Functional Services
Department: Business Solutions and Technology Department
Brief description
The main purpose of this position is to facilitate and implement the adoption of improved security controls, concepts, practices and technologies in support of secure business applications development, implementation and maintenance for the South African Reserve Bank (SARB).
Detailed description
The successful candidate will be responsible for the following key performance areas:
Identify security risks and vulnerabilities, analyse impact thereof and engage relevant stakeholders (e.g. governance bodies and product owners) on relevant security solutions, as well as to drive and monitor the implementation thereof in order to mitigate, remediate security vulnerabilities.
Provide guidance with regard to the design and implementation of software components in support of building an advanced security posture.
Proactively broaden knowledge in the area of application security and apply new knowledge and skills.
Participate in application security audits through the provision of relevant information, respond to and address security related audit findings to reduce the SARBs threat landscape and improve its application security posture.
Participate in information technology (IT) security projects as the application security Subject Matter Expert (SME) ensuring compliance to security standards during each stage of the project development life cycle.
Engage with the larger security community to acquire new information and adopt new security capabilities within the Banks IT security environment.
Identify and implement opportunities for integration and consolidation, while ensuring the optimal use of security best practice with the development of new solutions.
Contribute to the development and maintenance of secure system development life cycle (SDLC) procedures and standards based on the SARB environment and manage the implementation thereof.
Implement the Security Major Incident Response Procedures, during a security breach, by investigating, reporting, providing recommendations, to avoid recurrence.
Develop training material and deliver application security training to all key stakeholders (including developers, testers, and business analysts), in support of the Application and Integration security awareness campaigns.
Present periodic reports and analytics pertaining to the security landscape surrounding the designated business applications.
Job requirements
To be considered for this position, candidates must be in possession of:
a Bachelors degree in Information Technology or an equivalent qualification;
Certified applications security engineer (CESA);
Certified Ethical Hacker (CEH); and
Five to eight years experience in the SDLC frameworks and solutions of which at least three years must be exposure to overall security governance best practices frameworks and design.
Additional requirements include:
additional security certification (will be an added advantage);
industry, organisational and business awareness;
IT governance, risk and compliance knowledge and skill;
continued learning and/or professional development;
quality assurance knowledge and skill;
continuous improvement;
applications support and maintenance skill,
SDLC design, testing and development skill;
cybersecurity governance knowledge and skill;
IT enablement reporting skill; and
capacity and performance management skill.
Additional details
Career path: Functional Contributor (FC)
Level: FC3
Enquiries relating to this position may be directed to Mr Percy Ramokone at the following email address Percy.Ramokone@resbank.co.za.
This position will be advertised internally and externally.
How to apply
All interested parties are invited to apply.
Internal applicants MUST apply through the SARBs ERP system.
External applicants MUST apply online, via www.resbank.co.za.
All the available vacancies will be visible.
Please follow these links: WORK @ SARB > Latest vacancies.
Login:
Is this your first visit to our Job Site? > Register today (Ensure that you include all your skills and qualifications during the registration process.); or
Already registered on our Job Site? > Already registered? > Login here.
Select the Date posted > Last 3 weeks (in the drop-down menu).
Select the appropriate IRC number to view the full advertisement.
Do not enclose copies of your identity document or qualification(s) with your application.
Shortlisted applicants will be subjected to a psychometric assessment, an appropriate reference check and a security clearance as part of the selection process.
The closing date for applications is 5 July 2023. Late applications will not be considered.
In line with the SARBs commitment to diversifying its workforce, preference will be given to suitable candidates from designated groups. People with disabilities are welcome to apply.
The SARB offers remuneration and benefits commensurate with the level of the position and in line with the market. The level at which the successful applicant will be appointed will depend on his/her competence and experience.