


IT Offensive Security Specialist Full-time

at Onshore client of Cognix in Dubai (Published at 02-10-2018)

Position Title: IT Offensive Security Specialist
Reports to Position: IT Security & Compliance Manager
Direct Reports: N/A
Team total: 4
Location: Dubai

Job Purpose
The role requires conducting comprehensive security assessments on web applications, mobile applications, security devices and IT infrastructure, with minimal supervision, as well as in-depth, hands-on technical penetration testing and source code auditing using both DAST & SAST techniques. Knowledge of scripting and reverse engineering will be a plus. The role also requires monitoring all security processes and systems across the organization and defining threat & mitigation plans, the ability to respond to emerging threats such as APT and other forms of targeted attacks, and the capability to conduct malware analysis and malware reverse engineering to identify IOCs. Drive persistent improvement in protecting CLIENT’s information systems from internal and external security threats.

Key Accountabilities
Planning & Organisation
• Plan, lead and conduct security assessments, penetration tests, and simulated attacks on CLIENT’s internally or externally hosted applications and IT infrastructure, with an emphasis on critical functions and services.
• Continuously monitor and protect the IT infrastructure against vulnerabilities and security threats, and co-ordinate with other teams to resolve security incidents quickly and efficiently.
• Provide technical recommendations for remediation of vulnerabilities in IT systems and web applications, and maintain a feedback loop to ensure that they are addressed in a timely manner.
• Understand the internal applications landscape, keep track of ITIL processes and provide security recommendations when needed.
• Be the SME for security application and work towards incorporating security into the SDLC, assisting project development teams in moving towards DevOpsSec.
• Develop controls to mitigate the process/security gaps identified in the information systems and practices.
• Mentor and train the team on attack techniques, tools, intelligence analysis and adversarial tactics.

Frameworks, boundaries and decision-making authority
• Should be a subject matter expert in application security, security testing and related information security domains. The job role involves liaising with various departments within CLIENT and external vendors.

Qualifications, experience, skills and competencies
Experience required:
o 7 - 10 years of IT security and information security related experience
Education requirement:
o Technical Bachelor’s Degree with the required experience
o Should have GPEN/GWAPT/OSCP certification
o Good to have CISSP certification

Knowledge & Skills:
o Expert knowledge in conducting and handling enterprise penetration testing for large scale organisations on web and mobile applications
o Expert knowledge in application security covering both DAST & SAST methodologies is a must.
o Proficient in handling network security products including APT platforms, next generation network / application firewalls, IPS, cryptographic suites and VA tools, and traditional penetration testing tools and techniques.
o Skilled at describing observations in narrative format for communication and documentation
o Extensive knowledge of programming/scripting languages.
o Strong knowledge of networking, virtualization, Windows and Linux operating systems and their defence concepts
o Knowledge of malware analysis and reverse engineering tools and techniques
