We are looking for an experienced cyber security specialist with strong fundamentals on cyber security for web and mobile applications, ideally a developer or engineer by background in financial or similar high risk systems, who is able to conduct security related testing (vulnerability, penetration etc testing) himself. Also, he is able to design and calibrate these tests according to client risk profile and security requirements.
- Establish and execute repeatable cyber security risk assessment procedures
- Design and requirements specification for secured coding and network design
- Design and implement cryptography
- Develop security remediation and improvement requirements definition
- Assist in the development of overarching security roadmap
- Threat modeling
- Monitor effectivity of cyber security activities
- Monitor and guide the engineering team on implementing security remediation and improvement activities
- Independent completion of security related activities
- Contribute to technical decisions. Development of technical approach to decisions made.
- Lead security knowledge transfers, awareness programs, trainings and special interest group interactions both internal and external engagements.
- Proactive research and development for technical and process best practices related to cyber security.
- Coordinate with project and program managers to include cyber security related activities to their plans.
- Software engineering background is a must. This is to ensure knowlege in OSI and software ecosystems and how they integrate and connect to each other.
- Solid grasp of Cyber Security (application and networking) and networking fundamentals.
- Good fundamentals in cryptography and its practical applications for security.
- Demonstrable verbal and written communication skills
- Ability to work with mathematical concepts such as probability and statistical inferencing
- Understanding of data-driven analyses
- Ability to understand and create data visualizations
- Can write code primarily for use in new tools in programming languages like Python, Ruby, SCALA, C++ or similar.
- Knows how to use and install KALI Linux
- Knows how to use the security testing tools available for use within KALI linux
- Understands security testing requirements of hosting providers such as AWS, Azure etc.
- Have gone thru full or in partial 1 or more security compliance auditing.
- Designing threat models is good to have.
- Certified good moral character, from at least 2 independent sources
- Proactive researcher in terms of cyber security
- Independent: Can work independently and as well as a team
- Collaborator: understands that there is always a greater team
- Simplicity: Can explain security-related technical details in plain language
- Assertive: Can exert and articulate security requirement in clear, concise and assertive fashion
- Analytical: Strong analysis and technical writing skills.
- Adaptive: Ability to deal with different kinds of people of various roles
- Self-starter: creative, aggressive, smart, polished, with meticulous attention to detail.
- The candidate must have BS or advanced degree in IT, Cyber Security, Computer Science, other disciplines in technical, engineering or sciences with equivalent related experience
- Has strong ethics
- Training, formal or informal, in network and cyber security
- 3 years in Software Engineering/IT and 2 or more years working with cyber security
- Professional experience with a networking or cyber security consulting firm a plus
- Strong understanding with opensource technologies a plus