RESPONSIBILITIES
- Detect security attacks and cyber-attacks, and launch countermeasures to protect WAISL and client assets.
- Direct, guide, and oversee the activities of security incident
- Support and develop WAISL’s Cyber Incident Response Team (CIRT) capabilities.
- Create and update documentation related to security incidents, security
- Provide 24×7 support, in conjunction with other members, to respond to computer security incidents.
- Identify and drive both tactical and strategic solutions to contain
- Analyse threat identification information from various internal & external sources and rapidly resolve any identified
- Analyse malware and system forensics to determine level of
- Analyse forensic evidence for security incidents and disciplinary or criminal
- Conduct network packet analysis using commercial and open-source
- Conduct and oversee security incident response activities (triage, root cause analysis, escalation, notifications, communication) and develop strategies to contain and eradicate the incident.
- Serve as a subject matter expert in the identification of cyber threat events and incident response.
- Develop and refine processes, procedures, and techniques used by the team to continually improve security posture.
- Drive the adoption of security best practices in SDLC and software acquisition processes.
EDUCATIONAL QUALIFICATIONS
∙ A bachelor’s degree in computer science/IT/Electronics engineering, MCA or equivalent University degree.
∙ One or more of the following certifications is essential:
o EC-Council’s Certified Application Security Engineer (CASE)
o Certified Secure Software Lifecycle Professional (CSSLP)
o GIAC Certified Web Application Defender (GWEB)
EXPERIENCE
∙ Minimum of 8 years of experience in the IT security industry, preferably working in a development environment.
∙ Intermediate to expert level expertise and documented technical proficiency in software & data product cybersecurity, data protection, privacy engineering or a combination of general cybersecurity experience and 5+ years of software product development and commercial platform engineering experience.
∙ Experience designing, building, and maintaining enterprise security infrastructure and tools.
∙ Experience in scripting languages (Bash, Python, PowerShell)
SKILLS
TECHNICAL SKILLS:
∙ Strong knowledge of security vulnerabilities, cyber-attack techniques and countermeasures.
∙ Strong knowledge of NIST Cyber Security Framework, CIS Critical Security Controls, OWASP
∙ Strong understanding of system and application security.
∙ Good understanding of coding & scripting languages
∙ Strong coding skills in languages such as Python, Golang, Java, JavaScript, C, C++, SQL, Assembly, PowerShell, Ruby, PHP and Shell Scripting.
∙ CTF Pentest standards and methodologies
SOFT SKILLS:
∙ Ability to work under pressure in a fast-paced environment.
∙ Strong attention to detail with an analytical mind and outstanding problem-solving skills
∙ Great awareness of cybersecurity trends and hacking techniques.
∙ Should be able to think critically and creatively to identify and address security vulnerabilities.
∙ Strong problem-solving and analytical skills.
∙ Should be able to work well in a team and collaborate effectively with others, both in person and remotely.
∙ Strong presentation and influencing skills.
∙ Excellent communication and interpersonal skills.
∙ Must have the ability to work with minimal levels of supervision or oversight and adhere to security policies.
∙ Excellent proficiency in English.