Position: Specialist 
Function: Operations
Department: Information Technology
Division: Cybersecurity Services
Team: Cyber Security investigations team
Reports to (position): Cyber Security Division Head

Job purpose

Responsible for the effective management of security processes and security systems, consistency, provide security of IT infrastructure, providing cyber security investigations, malware validations, malware code analysis, vulnerability analysis, penetration testing, security incident management and developed code quality check.

Main Accountability

– Incident management and response. Analyze, escalate and remediate security incidents.
– Penetration Testing, Phishing Testing 
– To be compliant with internal and external policies and processes.
– Work closely with specialists of various teams to assess existing problems and to come up with process improvement solutions
– Vulnerability & Threat Management. Perform Virus and malicious code management, code validation process. (Detect, analyse, and eliminate viruses and malicious code. Developed code validation. Code quality check.)
– On time processing of Cyber Security requests according to SLA.
– Responsible for the day-to-day operations of security controls.
– Proactively identify, define, and implement new cyber security controls as necessary
– Establish and promote secure coding practices and general security awareness across multiple development teams
– Identification of risks related to new implementations or existing infrastructure and application solutions and provision of guidance for remediation.
– Understanding of security risks and threats as they relate to the company’s operating environments.
– Actively identify, analyze and recommend solutions and new security tools to mitigate security vulnerabilities 
– Other specific duties as assigned by the line manager

Knowledge, skills and experience required

• Education: Bachelor degree in IT or equivalent training and experience;
• Work experience: Minimum 2 years’ experience in related areas;
• License / Certificate: CEH, OSCP, SANS is an advantage;
• Foreign Language: English (upper-intermediate);
• Skills:Java and JavaScript programming and scripting languages, authentication and authorization schemas for web applications at basic level; 
• Product Knowledge : Kali OS, Burp Suite, WireShark, Veracode, CheckMarx is an advantage;
• Market knowledge: Banking experience is an advantage;
• Functional knowledge across all areas of Cyber Security (vulnerability management, Web security, Network essentials and Penetration testing);
• Knowledge and experience with a Software Development Life Cycle (SDLC) and Secure System Development Lifecycle (SecSDLC), as well as Agile/SCRUM methodologies is an advantage;
• Basic knowledge of authentication and authorization schemas for web applications;
• Basic experience with software development principles like data structures, algorithms, run-time analysis, object-oriented design and code quality verification;
• Understanding and experience with static and dynamic source code analysis tools, web and database security assessment tools;
• Understanding of the HTTP protocol; familiarity in Cyber security best practices and frameworks is an advantage;
• Understanding of formats such as JSON, as well as XML and YAML markup languages.
• Other: Collaborative, result oriented. Ability to work with various teams, ability to work independently to meet deadlines and produce quality work in a time-sensitive, dynamic environment.

Interested candidates are requested to submit their resumes to [email protected]