menu
Job Title or Company Name
State, city
search
Job Title or Company Name
State, city
Guaranty Trust Bank Plc, is a foremost Nigerian financial institution with vast business outlays spanning Anglophone West Africa and the United Kingdom.   GTBank has a corporate banking bias and strong service culture that have enabled it record consistent growth in clientele and key financial indices since its inception in 1990.

Job Detail

Location: lagos
Experience: 1year(s)
Course of Study: computer science
Required Grade: any

Job Overview

 

You will join a dynamic team of world-class security experts to conduct application security/penetration tests of our internal/external web, mobile and web service applications, leveraging both manual techniques as well as automated tools in order to uncover and report security vulnerabilities that exist.

You are required to be knowledgeable with business risks associated with common security vulnerabilities and be able to effectively communicate security vulnerabilities to application developers and/or senior managers who may have little to no experience with these vulnerabilities.

The ability to work independently in a very large scale and enterprise setting is a great skill to possess. Previous experience as an application security professional with a large financial institution is a plus.

Required Qualifications

 

BSc/MSc in Computer Science/Information Security/Information Technology (or relevant work experience in a large scale IT environment)

One or more of the following certifications: CISSP, GWAPT, CISM, CEH, OSCP, CCIE Security

Completion of NYSC is mandatory.

Work Experience: 1-3 years

Competencies/Skills:

 

Experience conducting vulnerability assessments, code reviews and penetration tests against web/mobile application technologies, APIs, platforms and languages to find flaws and exploits (e.g. SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Clickjacking, Authentication/Authorization, Privilege Escalation, Business Logic Bypass, OWASP Top 10, SANS Top 25 etc.)

Knowledge of network and web related protocols/technologies.

Ability to demonstrate manual web application testing experience. Experience with web application vulnerability scanning tools (e.g. IBM AppScan, HP Webinspect, Acunetix, NTO Spider, Burp suite Pro, Netsparker etc.).

Experience with vulnerability assessment tools and penetration testing techniques (e.g. web application proxies, packet capture analysis software, browser extensions, advanced penetration testing Linux distributions, static source code analyzers, SoapUI, ReadyApi etc.)

Experience of penetration testing on mobile platforms such as iOS and Android

Intermediate programming/debugging skills with proficiency in one or more of the following:  Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C

Expert-level experience and very detailed technical knowledge in at least 3 of the following areas: general information security, security engineering, application architecture, authentication and security protocols, application session management, applied cryptography, common communication protocols, mobile frameworks, single sign-on technologies, exploit automation platforms and RESTful web services

Demonstrated ability to learn and apply critical thinking to a variety of situations

Strong scripting skills (e.g. Python, Perl, Shell script, JavaScript).

Comment