Job purpose:
The Cyber Security Senior Analyst will be part of a fast-paced Cybersecurity team and cover broad aspects of House of Shipping Cyber security, supporting the design, implementation and daily management of security infrastructures and tools. The position requires strong technical skills and a well-rounded networking background.
Job role description:
The principal areas of responsibility are as follows:
- Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools.
- Map out a network, discover ports and services running on the different exposed network and security devices.
- Conduct penetration test and launch exploits using Nessus, Metasploit, Backtrack penetration testing distribution tools sets.
- Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
- Analyse scan reports and suggest remediation / mitigation plan.
- Keep track of new vulnerabilities on various network and security devices for different vendors
- Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices.
- Audit configuration of Network and Security devices.
- Deliver regular and consistent KPI/KRIs on VAPT activities.
Key interactions (Internal | External):
Internal: Finance | HR & Admin | Operations | Commercial | Sales Marketing, Commercial, Leadership
Education requirements
Industry certifications & qualifications from recognised training providers like CEH, CPT, OSCP preferred.
Background and experience:
- 2 to 4 years of experience in network & application vulnerability scanning & penetration testing.
- Experience with Nessus, Qualys, NetCat, NMAP Backtrack, Metasploit, HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone).
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
- Analytical thinker willing to “think outside the box†to resolve customer impacting situations on first contact; understand customer risk profile.
- Experience with mobile applications security, API security, Active Directory PenTest.
- Experience in the administration and performance tuning of application stacks (e.g.,Tomcat, JBoss, Apache, Ruby, NGINX)
- Scripting skills (e.g., shell scripts, Perl, Ruby, Python)
- Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts;
- Knowledge of IDS deployment strategies and experience in SIEM tools (RSA enVision, ArcSight, LogRhythm )with be advantageous.
Competencies and skills:
- Problem solving skills and ability to work under pressure.
- Has a “can do†attitude; positive thinker.
- Deductive reasoning/ critical thinking
- Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
- Passionate about cyber-security, eager to continuously learn and develop.
How to apply
Please fill out the application form below and share your cover letter and CV.
i would like to apply for this job
