Informacje o stanowisku

Job Title: Cyber Assurance Specialist (Attack Sim)

Company: Luxoft Poland

Description:

Luxoft DXC Technology Company is an established company focusing on consulting and implementation of complex projects in the financial and insurance industry. For one of our clients in the Insurance Segment, we are looking for a Cyber Assurance Specialist (Attack Sim).

Responsibilities:

1. Provide expertise and consultancy covering all aspects of Companys Information Security infrastructure and policies.
2. Interact with IT representatives to ensure adherence to corporate and information security policies.
3. Provide expert level assurance in penetration testing and vulnerability assessments.
4. Manage business and IT expectations, compliance, and security incidents.
5. Manage a small team/vendor resources when needed for projects or tasks assigned.
6. Understand the risk associated with various technologies and their delivery and service mechanisms.
7. Understand necessary controls and countermeasures to enable the enterprise securely.
8. Work within the team to manage Breach & Attack Simulation tooling.
9. Conduct attack simulations that imitate real-world Threat Actors.
10. Work with SOC & Blue Team to identify weaknesses in existing controls in tooling.
11. Work with Threat Intel Team to plan simulation activities.
12. Help document testing results with SOC.
13. Manage Application Assessments (Ethical Hacks).
14. Manage relationship with third-party testing vendors.
15. Articulate vulnerabilities to Business/Application Owners.
16. Perform Vulnerability and Web Application scans.
17. Identify and consult on the design of countermeasures to mitigate findings.
18. Conduct Security Architecture Reviews.
19. Track software licenses.

You will report to the Head of eDiscovery and Security Assurance.

Mandatory Skills:

1. Strong knowledge of networking protocols.
2. Ability to troubleshoot application level issues.
3. Basic understanding of Web App API interfaces.
4. Digital Forensics or Discovery experience.
5. Basic understanding of eMail infrastructure / Outlook / Office365.
6. Basic understanding of virtual environments.
7. Microsoft Windows and Windows artifacts.
8. Knowledge of file systems.
9. Basic Cisco Security product knowledge including ASAs and network fabric.
10. Basic Intrusion Prevention and Detection technology understanding.
11. Ability to work in a pressured situation and set priorities accordingly.
12. Excellent technical writing and oral presentation skills.
13. Maintain a high level of ethics, morals, confidentiality, and integrity.
14. Independently propose process changes and improvements.
15. Continuously learn and implement new technologies and methods in digital forensics and forensic countermeasures.
16. Ability to build strong relationships with key stakeholders.
17. Ability to think logically to analyze, troubleshoot and resolve complex issues.
18. Must be professional, courteous and enjoy working with people.
19. Strong interpersonal skills and the ability to work within a team.
20. Ability to work in a fast-paced, high-pressure work environment.

Nice-to-Have Skills:

Insurance background would be a plus.

Languages:

Seniority Level: Mid-Senior level

Employment Type: Full-time

Job Function: Engineering and Information Technology

Industries: IT Services and IT Consulting

Wrocław - Oferty pracy w okolicznych lokalizacjach