- The primary objectives of the Information Security and Penetration Test Engineer are to deliver security services to clients. The services include technical security assessments of applications and infrastructure, security design reviews as well as risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
- Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients
- Review and define requirements for information security solutions
- Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
- Participate in Security Assessments of networks, systems and applications
- Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
1 – Business Understanding
- Increase knowledge base regarding technical products.
- Span includes (and not limited) to security assessments and products.
2 – Technical products learning
- Self-learning ability to learn new products of same portfolio.
- Should be convenient with scripts, tools and web searches.
- Can train his peers on new technologies.
3 – Research and programming
- Willing to do programming tweaks. Should not be language dependent.
- Adaptive learning is a MUST to have ability.
- Ability to do search solutions independently.
- 60 % scenarios demands programming skills.
4 – Training & Development
- Identify key skills, specialty skills and propose training needs accordingly.
- Learn new tools and technologies and provide training to peers on the tools.
- Managing, communicating and delivering important technical product projects that impact Information security department of the organization.
KEY PERFORMANCE INDICATORS
- Maintain and Cover the technical processes and documentation diligently and on time
- Understand the importance of client relationship environment.
- Establish and maintain a strong and progressive work culture within the department.
- Willing to learn new technologies.
- Proactively handle and issues and concerns during onsite deployments.
- CEH, ECSA, CISSP or any security vendor certification would be preferred.
- IBM Products experience would be preferred.
- Good understanding of network protocols, design and operations
- Ability to architect and drive change
- Ability to lead in a global environment
- A flexible team player with a proven ability to work successfully in a matrix-reporting environment
- Sound knowledge of Information Security concepts
- Understanding and experience of Penetration Testing
- Experience of various testing strategies and techniques, external and internal
- Experience of test management, test tools and test environments
- Understanding of programming concepts
- Exposure to various info sec tools
- Certifications in InfoSec
- Must have a college education with an under graduate or post graduate degree.
- Excellent written and verbal communication skills to present and interact with different stakeholders in global settings
- Excellent analytical and problem solving skills
- Self-motivated, having a passion for learning
- Be able to train other resources.
- Willingness to travel
- Willingness to learn
BENEFITS AND PERKS:
- Opportunity to work on global assignments
- Opportunity to work with high energy, result oriented globally experienced team
- Top of the line Health Benefit Plan and Employment Fund
- High Performance Bonus Plans
- Biannual evaluations, quarterly feedback and well defined career paths
- Work life balance, leisure activities and annual adventure trips
- Open and honest culture conducive to learning and experimentation
- Be the best with us