company logo

Penetration Tester

Capitec Bank.com

Office

Stellenbosch, ZA

Full Time

Apply By:

We're on the lookout for energetic, self-motivated individuals who share our passion for service in the banking industry. To be part of the journey, follow the steps below:

  1. 1. To see what life at Capitec is all about and complete a short assessment, please click here!
  2. 2.  Once you have completed the above finalize your application by clicking apply below.

Purpose Statement

  • To ensure that the business is prepared and skilled to mitigate any cyber security threat through
  • Assessing and testing the applications and processes of the Bank.
  • Identifying potential areas of weaknesses from a security perspective.
  • Playing a key role in developing world class cyber security capabilities within the Bank by means of knowledge transfer, education, training and research.
  • Assessing and testing the applications and processes of the Bank.
  • Identifying potential areas of weaknesses from a security perspective.
  • Playing a key role in developing world class cyber security capabilities within the Bank by means of knowledge transfer, education, training and research.

Experience

Minimum:

  • 3 – 5 years’ experience in cyber security testing
  • Risk identification and communication relating to cyber security

Ideal:

  • 5+ years in cyber security testing
  • 2 – 3 years financial services / banking experience 
  • Experience with the Agile and DevOps models

Qualifications (Minimum)

  • Grade 12 National Certificate / Vocational
  • Certification in Information Technology

Qualifications (Ideal Or Preferred)

  • A relevant tertiary qualification in Information Technology or Information Technology - IT Engineering

Knowledge

Minimum:

  • Manual and automated security testing of infrastructure, networks, and web applications\services
  • Technical vulnerability assessments (CVE and CVS database knowledge)
  • Best practice technical reviews; using company and industry standards
  • Common network protocols, system architecture, and operating systems
  • Logical access reviews and audit
  • Knowledge of TTP's/MITRE Attack Framework, threat-attack landscape
  • Strong communication and reporting skills, articulate risk to business
  • Solution and white-boarding of systems to be assessed
  • Ability to read\understand at least 1 scripting language (e.g. Python, Bash, PowerShell, C\PHP\Java code)
  • Experience in testing web services, web\mobile applications, and cloud applications
  • Proficiency with pen-testing tools (Security distro’s and intercepting proxy tools)
  • Understanding and familiarity of vulnerabilities included in methodologies such as OWASP Top 10 (Web, Mobile, API) and OSSINT 
  • Understanding of system architectures and platforms (e.g. Windows, Unix, Linux and RedHat)
  • Understanding of tiered web application\service\cloud architectures and related databases (MySQL, MSSQL and Oracle)
  • Understanding of networking protocols and architectures, WAF’s, web and reverse-proxies, DLP, e-mail proxy, DAM, firewalls and perimeter security technologiesEnd User Infrastructure Service technologies (e.g. Print Management Solutions)

Ideal:

  • Cyber Security Threat modelling and Attack-Path mapping
  • Conducting and participating in Red-Team\Purple teaming exercises
  • Familiarity with industry regulatory requirements, specific to information security
  • Proficiency in scripting with at least 1 scripting language (e.g. Python, Bash, PowerShell)
  • Reverse engineering of malware\exploits

Skills

  • Communications Skills
  • Computer Literacy (MS Word, MS Excel, MS Outlook)
  • Attention to Detail
  • Analytical Skills
  • Problem solving skills

Conditions Of Employment

  • Clear criminal and credit record

Capitec is committed to diversity, applications to this position will strictly be considered in support of our employment equity goals.

Penetration Tester

Office

Stellenbosch, ZA

Full Time

October 21, 2025

CapitecBankSA