Security Matterz
Cyber Security Specialist Job Vacancy In Bahrain
Job Description
Penetration testers, also known as “ethical hackers,” are highly skilled security specialists that spend their days attempting to breach the systems. These testers work in the information technology (IT) field to ensure that those without authorization cannot access an organization’s data. They do this by trying to hack into networks to identify potential vulnerabilities in the system.
In addition to Pen Testing, the engineer will participate in SOC monitoring service as Security Analyst level 2. The Security Analyst will participate and be part of the information security monitoring and incident handling team in order to monitor and manage all information security incidents and risks and solve them as per the business security requirements. The Security Analyst will work and follow up with the IT Teams and other Business Units to develop action plans to mitigate identified vulnerabilities and promote security initiatives.
Key Activities Include:
VA/Pent Testing:
• Planning and performing relevant penetration tests on networks, Mobile, or web-based applications.
• Designing and implementing new penetration testing tools and techniques that can be deployed during Penetration testing on behalf of the client.
• Conducting a physical security assessment of an organization’s systems, including servers and networks, ensuring that any unauthorized external physical interference is not possible.
• Pinpointing the methods that attackers would use to gain access to the client’s systems and underlying data, identifying exploits and weaknesses within the organization’s IT Security defenses.
• Uncovering inadequate security practices, password policies, and other human errors using social engineering techniques. Recommending processes and procedures to mitigate against human error in the future.
• Ensuring that file, directory, and login permissions are restricted to those that need access to them and no one else.
• Collate all findings together into a formal document with the report highlighting all issues uncovered together with recommended remedial actions that should be taken by the client.
• Present the penetration testing findings to all interested parties such as senior IT management, directors, and their impacted teams. Explain the details of the individual findings, where required, and your experience and recommended next steps.
• Highlight the project scope and requirements necessary for the organization to patch, fix and isolate any of these newly discovered IT security flaws. Training, or indeed re-training, of the impacted system’s users, may also be necessary. This work should take place alongside the creation of new documentation supporting both new and existing systems going forwards.
• Recommending a process of penetration and vulnerability testing that the organization could carry out themselves in the future. Penetration and vulnerability testing of the live or production environment on a regular basis is necessary in order to maintain a secure environment as new threats and exploits emerge.
• The Penetration Tester should be able to verify the client’s remedial actions, providing feedback and verifying their fixes to any highlighted security issues. Often a final Penetration Test will be necessary to confirm success!
SOC Analyst Level 2:
• Work as part of 24×7 security operation team
• Monitor the Security Information and Event Management System (SIEM) and follow up on all related security incidents and events.
• Follow the day-to-day operations related to own job to ensure continuity of work
• Respond to security incidents and report on incident handling and resolution.
• Participate in forensic analysis and data recovery, and penetration testing.
• Perform daily security analysis and scanning and assessment for information security risks, threats, and vulnerabilities.
• Proactive research to identify and understand new threats, vulnerabilities, and exploits.
• Configuration and administration of security systems and tools.
• Define and evaluate security technologies required to ensure safe technology operation and detection of cyber-attack.
• Provide the security recommendations on actions that assist in improving security posture within CLIENT Environment.
• Follow all relevant departmental policies, processes, standard operating procedures, and instructions so that work is carried out in a controlled and consistent manner
• Participating in reviewing and documenting computer security and emergency gate identified vulnerabilities and promoting security initiatives.
Qualifications
• Bachelor’s degree in IT, Engineering, or related field of study preferred.
• 3+ years of experience in VAPT
• Relevant security certifications (Security +,CySA+, SSCP, OSCP /CEH)
• Professional Security certification preferred (SSCP, GSEC, CIHE, GCIH, CEH, CPTE, or equivalent).
Additional Information
Technical Skills:
• Strong Communication skills.
• Highly organized and self-motivated to set up and complete training timelines per scheduled deadlines.
• Verbal Presentation Skills/negotiations.
Management Skills:
• Excellent time management skills, presentation skills, and teamwork skills.
• Excellent written and verbal communications skills in English.
If you are interested, please send your updated resume to [email protected] or apply on indeed.com
https://bh.indeed.com/jobs?q=Soc%20Analyst&l=Manama&vjk=94eb37018cfd6a27