Basic qualifications:
- Successfully completed university studies in the field of computer science or engineering, preferably with a focus on IT security, cyber security or information security
- 3+ years of working experience in at least two of the following areas: Security Monitoring Implementation and Support, including Incident response (SIEM – ArcSight, Splunk, DLP etc.), Cyber Security (Enterprise Penetration Testing, Adversary Hunting, IoT/Embedded Security etc.), Infrastructure Security (IPS/IDS, NextGen Firewalls, VPN technologies, AntiSpam, Proxy,etc.), Identity and Access Management (Oracle Identity Management, Sailpoint IdentityIQ, Forgerock, Oracle Access Management, RSA etc.), Application Security (Data security & privacy, APIs Security, SSDLC, Threat modeling etc.)
- Sound knowledge and pronounced interest in IT security
- Experience in implementing security controls to improve system/platform overall security
- Current understanding of Industry trends and emerging threats
- Knowledge in security standards and regulations: NIST, ISO, PCI DSS, GDPR, PSD2
- Ability to work independently and pro-actively contribute in a global team environment
- Excellent interpersonal, organizational, documentation, and communication skills; able to concisely communicate security risks to both technical and business audiences
- Presentation skills with a high degree of comfort delivering presentations to both large and small audiences
- Understanding of applications, server, and network security and compliance requirements (including operational requirements needed to be GDPR compliant)
- Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
- Fluency in English
- Travel availability
Nice to have:
- Previous technical background in:
- Web application development/ architecture or related fields
- JAVA, .NET, PHP, Ruby, Perl, Python and/or C/C++ experience
- Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security +
- Knowledge in Risk and Compliance Management, Operational Models, Business Continuity Plan, Disaster Recovery Plan
- Solid understanding of network services, vulnerabilities, and attacks
- Knowledge of SIEM tools / Log Analysis
- Experience in security assessment for enterprise products using different tools, manual penetration testing methods and code review
- Experience in risk assessments in connection with GDPR requirements, including data security, security breach notifications, privacy by design and fair processing
- Understanding of emerging IoT/Mobile technologies and communications protocols
- Experience developing IoT solutions by getting hands one experience with devices and code
- Hands-on experience with IT security in the cloud environment as an architect, in development and/or operation, especially AWS and Microsoft Azure
- Previous experience in adjacent areas such as, Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support