Offensive Security Consultant

VINIRMA Consulting Pvt.LtdDoha, Qatar

30+ days ago

Job description

Overview Nair Systems

is currently looking

Offensive Cyber Security Specialist

for our

Qatar

operations with the following terms & conditions.

Education & Experience Requirements

University graduate preferably with a Major in Marketing, Banking, Finance, Accounting, Economics, Business

Administration or Information Technology (related field of study), Masters preferred.

At least 4 years of experience in undertaking technical security assessments of complex IT solutions including

penetration testing, preferably within a highly rated international bank.

Experience in undertaking red team activities is beneficial

Professional certification such as CISSP, CISM, CISA is mandatory

Previous Banking or Big 4 Consultancy work experience is mandatory

Required Special Skills

Good interpersonal and presentation skills.

Understanding of the relevant laws, regulations, and practices.

Ability to make decisions and follow through with initiatives.

Personal integrity and self-management.

Planning, organising, and analytical ability.

Results oriented.

Strong analytical skills and the ability to communicate both verbally and in writing with all levels of management.

Strong knowledge of penetration testing tools and techniques of application and infrastructure components.

Strong knowledge of DevOps / DevSecOps processes including cloud native architecture and relevant controls

Strong knowledge of operating systems (Windows, Linux, Android & iOS)

Strong knowledge of Kubernetes and container orchestration platforms

An understanding or experience with source code scanning and application development frameworks

Experience in designing and risk assessing multi-forest Active Directory domains

Programming experience (Python, Go, Rust, C#, etc)

Ability to work under pressure

Strong client focus Operating Environment / Location :

Essential Duties & Responsibilities by Dimensions A. Shareholder & Financial

Ability to adhere to divisional KPI’s for performance monitoring and quality measurement purposes.

Implements KPI’s and best practices for the SVP Offensive Cyber Security.

Promote cost consciousness and efficiency and enhance productivity, to minimise cost, avoid waste, and optimise benefits for the bank.

Act within the limits of the powers delegated to the incumbent and delegate authority to the respective staff and monitor exercise of the same.

Demonstrate clear understanding of the important factors behind the bank's financial & non-financial performance.

B. Customer (Internal & External)

Ability to customise and use established methodologies, conduct technical reviews and penetration testing activities of business applications and infrastructure projects e.g. technical risk assessments of internet facing applications, workstation and server build platforms, databases, networking, and virtualisation technologies.

Architecture design, compliance to IT security policies and relevant standards.

Ability to provide subject matter expertise for the enhancement of cyber security posture of the organization.

Ability to develop close relationships with IT and business teams. Understand and manage their requirements for GIS risk services.

Ability to assist other teams in the Risk organisation with technical IT Security reviews and provide guidance as a subject matter expert for cyber security.

Ability to provide Ad-hoc consultancy for risks of new technologies and propose with potential solutions.

Ability to identify opportunities and develop new ideas that will lead to improvements.

Ability to adapt / change behaviour or plans to better achieve the target / objective.

Ability to analyse a complex problem and identify potential solutions by exploring and analysing diverse alternatives, including, where applicable, risks and potential business impact. Ability to make the right decisions based on the necessary information and to take measures accordingly.

Ability to liaise with external consultants appointed from time to time to assess the adequacy and effectiveness of the Group’s information security efforts.

To assist customers in all their queries on Bank’s product and seek solution to their requests.

Maintain activities in accordance with Service Level Agreements (SLAs) with internal departments / units to achieve improvements in turn-around time.

Build and maintain strong / effective relationships with related departments / units to achieve the Group’s objectives.

Provide timely / accurate data to external / internal Auditors, Compliance, Financial Control and Risk when required.

C. Internal (Processes, Products, Regulatory)

Ability to set high targets / objectives for self and department. Prefers to take the initiative than to stay passive if events happen. Committed to improving productivity. Unwilling to accept average performance. Tries to be above the requested performance.
Ability identify own strengths and limitations. Seeks guidance and advice when appropriate to accomplish tasks and perform the role in an effective and efficient way.
Ability to play a constructive role as member of the team.

Ability to assess the effectiveness of the various information security systems and network topologies and evaluate

Ability to provide required support for enforcing the security policies of the organization.

Ability to build and maintain strong and effective relationship with all other related departments and units to achieve the Group’s goals / objectives.

Ability to keep Group Information Security Management apprised of the latest security trends and vulnerabilities.

D. Learning & Knowledge

Possess an understanding of business processes and controls in all related operational areas.

Must have an expert understanding of information security issues, best practices, and a working knowledge of IT systems.

Proactively identify areas for professional development of self and undertake development activities.

Seek out opportunities to remain current with all developments in professional field.

E. Legal, Regulatory, and Risk Framework Responsibilities

Comply with all applicable legal, regulatory and internal compliance requirements including, but not limited to, Group Compliance Policies and Procedures (AML & CTF, Sanctions Policy, Data Protection Policy, Fraud Control Policy, Whistle Blowing Policy, Conflict of Interest and Insider Dealing Policy).

Understand and effectively perform your role under the Three Lines of Defence principle to identify measure, monitor, manage and report risks.

Ensure systematic good outcomes for clients in accordance with Conduct Risk policy.

Support the framework of RCSA, KRI, Incident reporting and remediation, as appropriate, in accordance with the Operational Risk Management requirements.

Maintain appropriate knowledge to ensure full qualification to undertake the role.

Complete all mandatory training provided by the Bank, attain, and maintain the required levels of competence.

Attend mandatory (internal and external) seminars as instructed by the Bank.

Skills