Sr. Cybersecurity/Threat Architect

JOB SUMMARY:

The Associate will help to generate the reports and integrate sources through automation for vulnerability assessment and penetration testing activities. Resource must have hands on experience with information security technologies and key concepts such as Vulnerability Management, CVE, Risk etc.

The Associate must have a good understanding of IT and IT Security related technologies including authentication, authorization, logging, event and incident management, and should also have good project management and time management skills.

The responsibilities associated with the position are as follows:

· Must be familiar with top industry vulnerability assessment Or penetration testing tools. (Nexpose, Nessus and Metasploit).

· Benfitial to have a strong command over HTTP request/response construction and the manipulation of these to achieve the desired results in exploiting various vulnerabilities

· Exposure and experience with Metasploit would be plus

· Ability to analyze false positives and Zero day vulnerabilities

· Conducting security assessments through vulnerability testing and risk analysis

· Proactively learns about and evaluates emerging technologies

· Good knowledge of system-level attacks and mitigation methods with a core competency in Windows and Linux

· Should be familiar with Windows environments and management domains, Firewalls, VPNs, Intrusion Detection Systems, and enterprise level information technology

· Continuously perform security research, analyze new and existing security vulnerabilities

· Improve the internal processes by automating manual processes

· Coordinate with asset owners and other relevant stakeholders to action response plans, help educate team personnel and asset owners about the vulnerabilities and their ramifications

· Build a smooth relationship with IT stakeholders

· Support documentation newly identified vulnerabilities as accepted risks

· Strong oral communications and writing skills are a must

· Security rating and application security testing tools knowledge would be plus

· Proficiency in using Linux command-line tools and scripting for security tasks (e.g., bash, cron jobs).

· Ability to use Windows-specific tools and commands for security assessments and mitigations (e.g., PowerShell).

ESSENTIAL JOB REQUIREMENTS:

· Work with globally distributed shared services and delivery teams

· Mandatory language skills (oral, written and listening) : English

Tools Experience:

· Nexpose/Any VM tool

· Opsramp/GLPI/Infobox-Any asset management tool

· Any CNAP Tools

OTHER JOB REQUIREMENTS:

· Good communication and presentation skills

· Ability to work effectively and collaboratively with stakeholders.

· Willingness to work with geographically dispersed teams; may involve working during non-business hours occasionally to accommodate time-zone differences.

PERFORMANCE STANDARDS & EXPECTATIONS

· Bachelor’s degree within a science or related discipline.

· Solid understanding of IT security technologies, and particularly security technologies.

· 2-3 years direct experience in vulnerability assessment and penetration testing.

· 1+ years working in an IT related field.

· 2+ years in an information security related field.

· Excellent oral and written communications skills and listening skills.

· A ‘can do’ attitude team player who works well under pressure and with dispersed groups, worldwide.

· CISSP, CISM, CEH and technical certifications are a plus. (Cisco, Juniper, Microsoft, etc) are a plus.