Responsibilities
- Collaborating with the CISO to develop new security strategies to reduce and mitigate risk. Optimise security processes and procedures.
- Work with the MSSP to manage alert investigations, incident response, threat hunting and more.
- Participate in incident response and investigations for high priority cybersecurity events.
- Develop new detection methodologies. Plan, coordinate and deliver penetration testing activities.
- Lead and support Security Analysts.
- Develop and carry out information security plans and policies.
- Implementing security tools across the enterprise and production environments.
- Implement and monitor security instrumentation across the client’s asset base.
- Identify and investigate risks. Identify opportunities to address them.
- Installation and use of firewalls, data encryption and other security products and procedures
- Perform security scanning of infrastructure and applications to identify vulnerabilities, and coordinate testing with outside parties.
- Lead incident response activities.
- Advise product and engineering teams on secure practices
Qualifications
- Demonstrated leadership and knowledge in MSP/MSSP/CSP Field
- 7+ years experience in security space, technology consulting, account management and business development
- Exposure to banking regulations such as SOX and DFS500 would be preferable.
- Demonstrated success building and/or consulting on the strategy, design and implementation of transformational cybersecurity programs within the Fortune 500
- Certifications such as CISSP and CISM are desirable
- Experienced within the PCI Regulated Enterprise environment/PCI Compliance
- Experience in implementing leading security standards and practices (e.g. ISO27001, PCI DSS, ISO 22301) would be an added advantage
- Understanding of security vulnerabilities in common operating systems, network devices and web applications, including knowledge of remediation procedures
- Working knowledge of OWASP Top 10, PCI-DSS, ISO 27001
- Familiar with Kali Linux and assessment tools (Nmap, Metasploit, Nessus, etc.). Familiar with setting up and configuring virtual environments (VMware)
- Extensive experience with common threat intelligence tools
- Proficiency with Python scripting and use of Python notebooks
- Highly familiar with one or more of the following:
  - Classical threat intelligence (IOCs, hunting, reporting, visualization)
  - Interdisciplinary research of threat actors and groups