• Architect, design, implement, validate ,support and evaluate Security implementation.
• Identify security issues & risks, and develop mitigation plans.
• Conduct general security awareness, trainings.
• Must have the ability to detect subtle compromises in the system that may otherwise go unnoticed.
• Evaluate and recommend new and emerging security products and technologies
• Mentor junior members of the team
• 4-6 years’ experience at application-level vulnerability testing and auditing using open source tools like Burp Suit, Zap proxy, NMap, Kali Linux etc..
• Experience with the application of threat modelling or other risk identification techniques
• Experience with service-oriented architecture and web services security
• Strong experience and detailed technical knowledge in security engineering, authentication and security protocols, cryptography, and application security.
• Consistent implementation of security solutions at the business unit level
Ethical hacker certificate will be added advantage
• Any graduate
• (Desired) CISSP—Certified Information System Security Professional or CISM-Certified Information Security Manager, Other related certifications can also be considered.
• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP,HTTPS, routing protocols)
• Excellent understanding of OWASP top 10, SANS 25
• Detailed knowledge of web security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
• Good written and verbal communication skills