Penetration Tester (3 Position(s)) at NMB Bank Plc 2023;- NMB Bank Plc. (“NMB”) is a full service commercial bank incorporated in the United Republic of Tanzania. Through its 3 main business divisions: Retail, Wholesale, and Treasury, NMB provides a suite of financial services and products to retail customers, farmers, SMEs, Corporates, Institutions and the Government.
At NMB we believe that our clients and employees make our stronghold and when they achieve their ambitions, we do too. To accomplish this we need individuals with creative and innovative solutions who are willing to go the extra mile for their future, our clients and the bank. We promise to provide you with a world of opportunities for personal growth within a culture that is based on co-operation in every section of our business countrywide. We believe that the steps we take together are the ones that take us further.
Main Responsibilities:
- Perform manual penetration testing of web applications, mobile applications, APIs, external and internal networks.
- Work closely with cross-functional delivery teams, present security test findings, agree upon remediation response plans, and follow-up implementation of the plans.
- Carry out proof of concept on known risks and discovered vulnerabilities against the bank’s environment.
- Recognize and safely utilize penetration testing tools, tactics and procedures.
- Research and develop customized tools and automation scripts to improve the identification of vulnerabilities.
- Develop comprehensive and accurate reports and presentations for both technical staff and management.
- Provide security recommendations in the development and acquisition of the bank’s systems.
- Support third-party security test engagements including regulatory tests conducted at the bank.
- Work with system vendors as well as internal teams in verifying the security of the applications/systems implemented within the bank.
Knowledge and Skills:
- Knowledge of the security testing landscape.
- Knowledge of security of various operating system flavors such as Windows, Linux, and Unix.
- Understanding of network security architecture.
- Scripting skills in at least one scripting language including Python, PowerShell or Bash.
- Pen-testing skills in applications and infrastructure domains.
- Good interpersonal, written, and oral communication skills in English and Swahili.
- Demonstrable honesty, integrity, and credibility; ability to engender the trust and confidence of internal constituency and external partners.
Qualifications and Experience:
- Degree in Cyber Security, Computer Science, Information Systems or related.
- The following certifications are a plus OSCP, eJPT, CEH.
- Experience in software/web development and/or source code review in Python, C/C, C#, Java, VB .NET, ASP.NET, PHP, NodeJS.
- Hands-on experience in Linux and Windows environment.
- Actively participate in Capture The Flag (CTF) events, HackTheBox, TryHackMe or similar.NMB Bank Plc is committed to creating a diverse environment and is proud to be an equal opportunity employer
Job closing date : 28-Mar-2023