Azerconnect LLC

Offensive Security Services Specialist

Məkan Bakı, Azərbaycan
İş növü Tam iş günü
Kateqoriya İnformasiya texnologiyaları
Vakansiya tarixi 19.08.2022

İş haqqında məlumat

About the vacancy:
Division: Internal and Information Security
Working schedule: 5 days a week, from 09:00 to 18:00. Based on nature of the work you will be able to work from office and from home
Your main job responsibilities:
Conduct continuous analysis to identify network and system vulnerabilities
Conduct and/or support authorized penetration testing on enterprise network assets
Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews)
Design and develop new tools/technologies as related to information security
Identify and/or develop reverse engineering tools to detect cyberspace vulnerabilities
Develops and conducts processes and procedures (e.g., testing) to evaluate compliance with security requirements
Assist with the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes)
Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support Enterprise Network Defense (END) audit missions
Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure)
Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions

Tələblər

Knowledge of computer networking concepts and protocols, and network security methodologies
Knowledge of cyber threats and vulnerabilities
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems
Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES])
Knowledge of cryptography and cryptographic key management concepts
Knowledge of database systems
Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware
Knowledge of how system components are installed, integrated, and optimized
Knowledge of information security principles and methods (e.g., firewalls, demilitarized zones, encryption)
Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI])
Knowledge of network design processes, including security objectives, operational objectives, and trade-offs
Knowledge of operating systems
Knowledge of key concepts in security management (e.g., Release Management, Patch Management)
Knowledge of security system design tools, methods, and techniques
Knowledge of key telecommunication concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers)
Skill in designing security controls based on information security principles and tenets
Skill in determining how a security system should work, including its resilience and dependability capabilities, and how changes in conditions, operations, or the environment will affect these outcomes
Skill in developing and applying security system access controls
Skill in using network analysis tools to identify vulnerabilities
Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability)
Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
Skill in developing and applying user credential management system
International certifications in Information Security such as OSCP, CEH, RHCSA, PCNSE, CCNP Security are desirable
Fluent Azeri and English language skills