Capitec Bank is South Africa’s largest bank by clients, boasting around 14 million banking app clients and nearly 25 million active clients as of October 2025. The bank operates as a retail bank, serving both individuals and businesses, and has embraced digital banking to enhance customer experience. Recently, Capitec released its interim results for the six months ended August 2025, showcasing its growth and innovative approach in the banking sector.
Job overview
- To ensure that the business is prepared and skilled to mitigate any cyber security threat through
- Assessing and testing the applications and processes of the Bank.
- Identifying potential areas of weaknesses from a security perspective.
- Playing a key role in developing world class cyber security capabilities within the Bank by means of knowledge transfer, education, training and research.
Experience
- 3 – 5 years’ experience in cyber security testing
- Risk identification and communication relating to cyber security
- 5+ years in cyber security testing
- 2 – 3 years financial services / banking experience
- Experience with the Agile and DevOps models
Qualifications
- Grade 12 National Certificate / Vocational
- Certification in Information Technology
- A relevant tertiary qualification in Information Technology or Information Technology – IT Engineering
Knowledge
- Manual and automated security testing of infrastructure, networks, and web applications\services
- Technical vulnerability assessments (CVE and CVS database knowledge)
- Best practice technical reviews; using company and industry standards
- Common network protocols, system architecture, and operating systems
- Logical access reviews and audit
- Knowledge of TTP’s/MITRE Attack Framework, threat-attack landscape
- Strong communication and reporting skills, articulate risk to business
- Solution and white-boarding of systems to be assessed
- Ability to read\understand at least 1 scripting language (e.g. Python, Bash, PowerShell, C\PHP\Java code)
- Experience in testing web services, web\mobile applications, and cloud applications
- Proficiency with pen-testing tools (Security distro’s and intercepting proxy tools)
- Understanding and familiarity of vulnerabilities included in methodologies such as OWASP Top 10 (Web, Mobile, API) and OSSINT
- Understanding of system architectures and platforms (e.g. Windows, Unix, Linux and RedHat)
- Understanding of tiered web application\service\cloud architectures and related databases (MySQL, MSSQL and Oracle)
- Understanding of networking protocols and architectures, WAF’s, web and reverse-proxies, DLP, e-mail proxy, DAM, firewalls and perimeter security technologiesEnd User Infrastructure Service technologies (e.g. Print Management Solutions)
- Cyber Security Threat modelling and Attack-Path mapping
- Conducting and participating in Red-Team\Purple teaming exercises
- Familiarity with industry regulatory requirements, specific to information security
- Proficiency in scripting with at least 1 scripting language (e.g. Python, Bash, PowerShell)
- Reverse engineering of malware\exploits
Skills
- Communications Skills
- Computer Literacy (MS Word, MS Excel, MS Outlook)
- Attention to Detail
- Analytical Skills
- Problem solving skills
Method of Application
Meet the qualifications?
Apply now at Capitec Bank on careers.capitecbank.co.za