Summary
Date Posted: Wednesday, March 19 2025, Base Salary: Not Disclosed

JOB DETAILS:
Job Purpose
Specialist: Cybersecurity will be a key member of the Security Architecture team, reporting to the Enterprise Security Architect. This role is responsible for integrating security into Agile squads and the Software Development Lifecycle (SDLC), Designing Cyber security controls in CRDB Products and services and systems. Provide Assurance towards delivery of such controls by conducting security assessments and threat modelling, and ensuring secure coding practices across all software development initiatives.

Principle Responsibilities
• Collaborate with Agile development squads to integrate security within the Software Development Lifecycle (SDLC) and ensure Cyber Security is well designed in products, services and systems through Security by Design.
• Perform penetration testing, security assessments, and threat modelling on both web and mobile applications to identify and address vulnerabilities.
• Provide technical guidance on secure coding practices, software design, and security best practices.
• Conduct risk assessments and recommend security controls to mitigate identified risks.
• Develop and maintain security standards, guidelines, and tools to support secure Agile development.
• Review code for security vulnerabilities and offer actionable recommendations to improve application security.
• Work with Security Champions within squads to strengthen the security posture and promote a culture of security-first development.
• Assist in the development of secure DevOps pipelines and the implementation of security in CI/CD pipelines.
• Collaborate with Security Champions and Software Developers to conduct automated static (SAST) and dynamic (DAST) security testing across development and production environments in the CI/CD pipeline.
• Enforce security policies throughout the development process and deployment stages in the CI/CD pipeline.
• Provide training, mentorship, and coaching to software developers, DevOps teams, and product owners on security best practices.
• Support incident response activities related to application security breaches and secure development environments.
• Ensure 3rd parties security is properly managed and provide assurance.
• Other responsibilities as may be assigned by the Bank’s management.

Qualifications Required
• Bachelors’ degree in Computer Science, Cyber Security, Software engineering or related academic field.
• At least one Industry certifications such as CISSP, CEH, OSCP, or CSSLP are a plus.
• Minimum of 2 years of proven experience in Cyber Security and Software Development industry.
• Strong background in Cyber Security and Software Development.
• Solid understanding of application security principles, secure coding standards, and security frameworks such as OWASP and NIST.
• Proficiency with security tools, such as SAST, DAST, and Software Composition Analysis (SCA) solutions.
• Experience in DevSecOps and security automation within CI/CD pipelines.
• Familiarity with cloud security best practices for AWS, Azure, or Google Cloud.
• Technical knowledge of Information and Communication Technologies, Platforms, Networks, Infrastructure, and applications.
• Business analysis – interpretation of business requirements in technology areas
• Demonstrated leadership, motivational, and personnel management skills.
• Strong interpersonal, written, and oral communication skills.
• Strong project management skills
• Hands-on experience with threat modelling, penetration testing, and security code reviews.

Work Hours: 8

Experience in Months: 24

Level of Education: Bachelor Degree

Job application procedure

Interested and qualified? Click here

All Jobs

QUICK ALERT SUBSCRIPTION