IT Security Specialist (Pentest) at Dangote

Description

The IT Security Analyst (Penetration Testing) is tasked with identifying and mitigating security vulnerabilities within Dangote’s IT infrastructure. This role involves planning and conducting penetration tests, analyzing findings, and collaborating with teams to implement security enhancements. The ideal candidate will have a solid background in cybersecurity, expertise in penetration testing tools and methodologies, and excellent problem-solving abilities.

Key Responsibilities

• Conduct penetration tests on networks, applications, and systems within the organization to identify vulnerabilities.
• Systematically identify, document, and prioritize security weaknesses and potential risk.
• Perform in depth vulnerability assessments using both automated and manual tools and techniques.
• Analyze and interpret test assessment results to provide actionable recommendations.
• Prepare comprehensive reports detailing application and infrastructure security status, associated risks, and recommended remediation actions.
• Maintain accurate and thorough documentation of all penetration testing activities and results.
• Work closely with IT and development teams to address and remediate identified vulnerabilities.
• Provide expert guidance on implementing security best practices and secure coding standards.
• Effectively utilize and maintain penetration testing tools and software to ensure optimal performance.

Requirements

• Minimum of 5-7 years in information security, cyber security or any related field.
• Relevant certifications such as OSCP, GIAC Penetration Tester (GPEN), CEH or any similar certifications are preferred.
• Minimum of 5-7 years in information security, cyber security or any related field
• Proficiency with emerging pen testing tools such as Metasploit, Burp Suite, Nessus, Nmap, Wireshark, and Kali Linux.
• Experience with vulnerability scanning tools and manual assessment techniques.
• Deep understanding of network protocols, architectures, and security controls, with the ability to identify and mitigate network vulnerabilities.
• In-depth knowledge of secure coding practices and advanced application security testing methodologies
• High proficiency in scripting languages such as Python and PowerShell, and programming languages including Java and C++.Operating Systems:
• Experience with multiple operating systems, including Windows, Linux, and macOS.
• Exceptional analytical and problem-solving abilities to identify and address security vulnerabilities.
• Excellent verbal and written communication skills for preparing reports and explaining findings to technical and non-technical stakeholders. • Strong attention to detail to ensure thorough and accurate testing and reporting.
• Ability to work collaboratively with cross-functional teams to implement security improvements.
• Capacity to adapt to evolving security threats and changing organizational needs.

Key Performance Indicators (KPIs):

• Identify and report security vulnerabilities during penetration tests.
• Incident Response Time: Achieve high turnaround
• 100% coverage of critical systems and applications in penetration testing cycles.
• Reduce the number of security incidents through effective penetration testing and remediation.
• Optimize and effectively use 95% of the penetration testing tools available.
• 100% accuracy in penetration testing reports and documentation.
• Implement improvements based on feedback from post-testing reviews and emerging threat analysis.