CYBER SECURITY SPECIALIST - ATTACK SURFACE

We are looking for a Cyber Security Specialist to join our Attack Surface team to work closely with the different stakeholders to ensure that cyber security recommendations and measures are correctly implemented and understood across the whole digital infrastructure of MSC company. Attack surface team is in charge to detect and monitor the different entry points and attack vectors that attackers can use and exploit to gain access to our organization’s network, taking actions to reduce exposition to security threads while improving the security posture of our company. To reach this goal, the cyber security specialist’s responsibilities include using his skill to detect and investigate the vulnerabilities as soon as they are disclosed, as well as to understand insecure configurations and malicious threads related to the different digital assets in scope of MSC. The cyber security specialist’s focus is not only limited to assessing whether vulnerabilities or misconfigurations exist but also how those risks could be mitigated which can help provide MSC with more confidence about system stability going forward.

He/She works inside the Attack Surface team and together with the other Cyber Security areas of MSC Technology, to ensure the proper information sharing and collaboration to guarantee the security of MSC business information, throughout our entire infrastructure.

In summary, his mission includes the following:

• Identify and monitor the different attack vectors of a complex digital infrastructure
• Study and analyse new vulnerabilities as soon as they are disclosed
• Identify new trends in attack infiltration techniques
• Contribute to the definition of mitigations and hardening measures
• Investigate different type of security weaknesses
• Collaborate with the different stakeholders to increase business resilience
• Contribute to improve security awareness
  
  
  

Key Responsibilities

• Continuously improve our Attack surface monitoring capabilities and our internal management practices for their profitable usage
• Help in reducing our attack exposition while improving our security posture
• Monitor the evolution of cyber security trends and cyber risk scenarios
• Analyse new vulnerabilities as soon as they are disclosed, understanding their impacts and how can be addressed and mitigated
• Identify cyber security weaknesses in our networks and infrastructure
• Investigate and develop new challenging criteria to monitor risky area and attack vectors
• Collaborate with the different teams inside MSC company to help defining and applying remediations actions as soon as vulnerabilities and misconfigurations are identified
• Produce documentation
• Support management with the execution of information security strategy and roadmap
• Stay current with emerging technology trends and tools
• Contribute to the evolution and improvement of MSC security infrastructure and defences.
• Provide timely, complete and accurate responses to the requests coming from IT Security Managers, giving positive and constructive contributions.
• Complete ad hoc tasks and projects as required by the Company
• Incorporate good practices and quality processes in activities and Projects
• Participate in the promotion of the IT security good practices and policies among the business.
  
  
  

Qualifications And Experience

• 3-4 years of experience in IT Security Position
• Must be team oriented and at the same able to work with limited supervision
• Ability to identify priorities and ensure that work is completed within timeframes
• Strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler
• Security Certifications (CISSP, CISM, ..) are an appreciated option
• Security components (firewall, WAF, log management, NAC, IPS, IDS, HIDS, SIEM…)
• IT infrastructure background
• System/Application/Network vulnerabilities and their exploitation
• Cyber/operation security, network security and application security analysis experience
• Cloud technology (SaaS, IaaS, PaaS) and associated security threat investigations
• Threat intelligence practices and knowledge of OT security practises are appreciated
  
  
  

What We Offer

We offer a range of benefits including new Learning opportunities, a comprehensive Welfare System, Life and Health Insurance, Modern Workstation and Discounts within the MSC group.

Moreover, MSC Technology Italy fosters a culture of innovation and wellbeing by simultaneously pursuing various initiatives. These include Meetups, Technical and General Events such as Gaming Tournaments, Company Charity Initiatives and a Sustainability program designed to benefit all employees.

Our Company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.