Cyber Assurance Specialist

As a Cyber Assurance Specialist you will provide expertise and consultancy covering all aspects of Information Security infrastructure and policies. You will interact with IT representatives to ensure adherence to corporate and information security policies. You will have skills to provide expert level assurance in penetration testing and vulnerability assessments. The ability to manage business and IT expectations, compliance, and Security incidents are critical to success. You should also have the ability to manage a small team / vendor resources when needed for projects or tasks assigned.

Knowledge of the security impact and implementation of the triad (confidentiality, integrity, and availability) on data networks and the appropriate risks to present to business management are key ingredients to this position. To that effect, you should be a CISSP or be able to obtain the same certification within two calendar years.

You will be required to understand completely the risk associated with various technologies and their delivery and service mechanisms supporting the infrastructure and business. In conjunction with the above, you must understand the necessary controls and countermeasures to enable the enterprise securely.

DISCOVER your opportunity

What will your essential responsibilities include?

· Work within the team to manage Breach & Attack Simulation tooling

· Conduct attack simulations that imitate real-world Threat Actors

· Work with SOC & Blue Team to identify weaknesses in existing controls in tooling

· Work with Threat Intel Team to plan simulation activities

· Work with SOC to help document testing results

· Managing Application Assessments (Ethical Hacks)

· Manage relationship with third party testing vendors

· Articulate Vulnerabilities to Business / Application Owners

· Perform Vulnerability and Web Application scans

· Identify and consult on the design of countermeasures to mitigate findings

· Provide quality assurance over vendor supplied reports

· Security Architecture Reviews

· Metrics reporting

· Software license tracking

· You will report to the Head of eDiscovery and Security Assurance

SHARE your talent

We’re looking for someone who has these abilities and skills:

Required Skills and Abilities:

· 2+ Years Penetration Testing experience

· Strong Windows Server OS knowledge (Windows 7 / 10) including CMD line use

· Strong knowledge of networking protocols

· Ability to troubleshoot application level issues

· Powershell / SSH experience

· Basic understanding of Web App API interfaces

· Digital Forensics or Discovery experience

· Basic understanding of eMail infrastructure / Outlook / Office365

· Basic understanding of virtual environments

· Microsoft Windows and Windows artifacts

· Knowledge of file systems

· Strong English proficiency

· Basic Cisco Security product knowledge including ASA’s and network fabric

· Basic Intrusion Prevention and Detection technology understanding

· Be able to work in a pressurised situation and set priorities accordingly.

· Excellent technical writing skills and oral presentation skills

· Maintain a high level of ethics, morals, confidentiality and integrity.

· Independently propose process changes and improvements for consideration.

· Continuously learn and implement new technologies and methods in digital forensics and forensic countermeasures.

· Ability to build strong relationships with key stakeholders across the organization.

· Ability to think logically to analyze, troubleshoot and resolve complex issues.

· Must be professional, courteous and enjoy working with people; critical thinking, creativity, and independent judgment are expected.

· Strong interpersonal skills and the ability to work within a team.

· Ability to work in a fast paced, high pressure work environment.