Security Analyst

DataFin was established in 1999. We pride ourselves on the fact that we have established relationships with industry leaders and a vast majority of our business is repeat business.

Duties & Responsibilities

Environment:

A leading cybersecurity company based in Johannesburg is seeking a skilled and detail-oriented Security Analyst to join their dynamic team. The ideal candidate will have 25 years of hands-on experience in Penetration Testing with a strong background in identifying and mitigating security vulnerabilities across various environments. This role involves conducting comprehensive security assessments including but not limited to network, mobile, web, thick client, wireless, social engineering, and physical penetration testing. The successful candidate will be responsible for analyzing security risks, providing actionable recommendations, and collaborating with clients and internal teams to enhance overall cybersecurity posture. If you are passionate about ethical hacking, threat analysis, and proactive security measures, this is an excellent opportunity to grow your career in a fast-paced and innovative environment.

Duties:

Penetration Testing Duties:

• Work as part of a vulnerability assessment and/or penetration testing team, taking direction from line managers and executing directives thoroughly and timely.
• Conduct vulnerability assessments on a wide variety of technologies and implementations, utilizing both automated tools and manual techniques.
• Conduct network penetration tests.
• Conduct application penetration tests (web and thick client).
• Conduct wireless and mobile security assessments.
• Conduct social engineering assessments.
• Conduct physical security assessments.
• Effectively communicate successes and obstacles with team members and line managers.
• Interface with client contacts and staff professionally and constructively.
• Develop subject matter expertise in areas including network, database, wireless, and application security assessments, as well as adversarial network operations.
• Utilize common vulnerability assessment and penetration testing tools.

Red Teaming Duties:

• Work as part of a Red Team, assisting with duties such as:
• Initial reconnaissance (OSINT) for collecting information on targets.
• Initial compromise by exploiting weaknesses in people, processes, or technology.
• Deploy command-and-control servers (C&C or C2) and custom payloads to establish communication and persistence within the target network.
• Develop tools, techniques, and procedures to evade detection by blue teams, including creating custom payloads.
• Escalate privileges and maintain persistence.
• Exfiltrate data and achieve objectives.

Research and Development Duties:

• Research new vulnerabilities, focusing on high-profile products.
• Understand threat actor terminology and tactics; research new attack methods.

Minimum Requirements:

• At least 25 years of experience in Penetration Testing, including conducting various assessments such as network, mobile, web, thick client, wireless, social engineering, and physical testing.

While we aim to respond to every application, if you are not contacted within 10 working days, please consider your application unsuccessful.

Comments:

Applicants should meet the minimum job requirements. Only South African citizens will be considered. If you are not located in the specified area, please include your relocation plans in your application. To apply, email a Word copy of your CV and mention the reference number of the job.

Desired Experience & Qualification:

Security Analyst, Johannesburg

Required Experience:

Key Skills:

Employment Type: Full-Time

Experience: Years

Vacancy: 1

Security Analyst • Johannesburg, Gauteng, South Africa