INFORMATION/CYBER SECURITY EXPERT - VAPT
Duncan & Ross
Doha, Doha, Qatar
منذ 6 يوم
  • Performs security assessments, NERC-CIP assessments, the development of security policies and practices, and other customer specific security tasks for Operators of critical infrastructure automation systems.
  • Developing conceptual knowledge of professional discipline. May include support roles with specialized expertise or technical knowledge in broad area.
  • Applies general knowledge of business developed through education or past experience. Understands how work of own team contributes to the area.
  • Resolves issues using established procedures. Consults supervisor or more senior team members for issues outside of defined instructions / parameters.
  • Collaborates with others to solve issues. For customer facing roles, develops strong customer relationships and serves as the interface between customer and company.
  • Exchanges technical information, asks questions and checks for understanding.

    Education Qualifications, Accreditation, Training :

  • Bachelor's degree in Information Technology or related field
  • Minimum 5-10 years of experience in the Cyber security field
  • Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)
  • Required Skillsets

  • Recent experience in a cyber-security client-facing position (Consulting, Integration, Solution Management, Security Architect) would be a plus
  • Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats;
  • and providing recommendations to comply with an applicable cybersecurity framework

  • Extensive experience in cybersecurity-related activities and controls
  • A broad range of experience in cyber security technology and vendors
  • Understanding of general cybersecurity frameworks (ISO IEC 27001 / 27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)
  • Thorough understanding of OWASP TOP 10 vulnerabilities and their mitigations
  • Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM)
  • Working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.)
  • Ability to perform vulnerability / penetration testing in IT / ICS / OT environment and threat hunting
  • Experience in Vulnerability Assessment and Penetration Testing Researchers to do VAPT on ICS systems and development of proof of concepts for submission to National Vulnerability Databases
  • Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools
  • Map out a network, discover ports and services running on the different exposed network and security devices
  • Conduct penetration test and launch exploits using Nessus, Metasploit, Backtrack penetration testing distribution tools sets
  • Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
  • Analyze scan reports and suggest remediation / mitigation plan
  • Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices
  • Advanced technical analysis on intrusions
  • Audit configuration of Network and Security devices
  • Good knowledge of Secure SDLC standards
  • Good knowledge of encryption technologies & MiTM attacks
  • Good understanding of the MITRE ATT&CK framework and how to leverage it.
  • Excellent spoken and written communication to explain your methods to a technical and non-technical audience
  • Attention to detail, to be able to plan and execute tests while considering client requirements
  • Teamwork skills, to support colleagues and share techniques
  • Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done
  • Business skills to understand the implications of any weaknesses you find
  • Commitment to continuously update your technical knowledge base
  • Vertical : Technology

    Technology

    بلغ عن هذه الوظيفة
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    تقديم
    بريدي الالكتروني
    بالضغط على "استمر" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    استمر
    استمارة الطلب