Title: Cyber Security Engineer (BLUE Team)
Company Name: উপায় (UCB Fintech Company Limited)
Vacancy: Not specific
Job Location: Dhaka
Employment Status: Full-time
∎ Bachelor of Science (BSc) in Computer Science & Engineering
∎ Certification (Preferred):
∎ CEH / ECSA / OSCP
∎ CompTIA Security+
∎ CCNA Security / PCNSA
∎ Red Hat Certified Specialist in Server Security and Hardening
∎ ITIL & IT Governance knowledge
∎ 3 to 4 year(s)
∎ Conduct Blue Team exercise and Computer Network Defense drills in order to evaluate and improve processes related to threat detection, incident response, patching/remediation and user training.
∎ Defends against both real attackers and Red Teams attacks.
∎ Identify points of vulnerability as it relates to people, process, technologies and systems
∎ Identify misconfigurations and coverage gaps in existing security products
∎ Develop and perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, compliance and vulnerability analysis of the overall enterprise security posture.
∎ Strengthen network, server, storage and app security to detect targeted attacks and improve breakout time.
∎ Elevate awareness among staff as to the risk of human vulnerabilities which may compromise the organization’s security
∎ Risk assessment, detailed technical recommendations and coordination of remediation and mitigation strategies
∎ Support incident response, threat analysis, forensics and penetration testing teams by performing on-demand and targeted identification, compliance and vulnerability scans.
∎ Build the organization’s first-hand experience about how to detect and contain and remediate a targeted attack and propose to elevate the security posture
∎ Develop response and remediation activities to return the environment to a normal operating state.
∎ Communicate recommendations to the responsible parties, tracking of remediation and verify security patches and required configurations on all networked devices
∎ Analyze available security information including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information and intelligence information to assess the status of remote organizations and their cyber security posture
∎ Conduct IT forensic reviews and generate reports accordingly
∎ Conduct source-code review using automated and manual approaches
∎ Ensure timely delivery of status updates and reports
∎ Keep updated on the latest IT Security news , exploits, hacks.
∎ Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks.
∎ Experience in Bank, FinTech, Financial, Large corporate, Enterprise is preferred.
∎ Computer Networking Concepts – Understanding of TCP/IP, common networking ports and protocols, OSI model
∎ Experience in information security, information technology, or related field
∎ Experience in developing remediation/ mitigation activities, and providing status updates and reports.
∎ Experience in performing risk analysis by correlating known vulnerabilities and threats and assigning priorities to issues
∎ Experience with enterprise vulnerability and compliance scanning systems.
∎ Experience with networking, server, storage, firewall hardware and configuration specifically with regard to patching and compliance.
∎ Experience in performing manual and automated analysis of systems and networks in effort to identify, assess, and mitigate vulnerabilities to strengthen security posture.
∎ Experience in performing risk analysis of vulnerabilities and threats and provide risk management recommendations.
∎ Technical knowledge of information technology and cyber security standards and issues.
∎ Familiarity with classes of vulnerabilities and appropriate remediation of industry-standard classification schemes (CVE, CVSS, CPE)
∎ Understanding of MITRE ATT&CK Framework
∎ Understanding of cybersecurity tool’s and the market leader’s products
∎ Ability to understand business concepts and integrate business risk elements into security operations.
∎ Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams
∎ Good communication and Interpersonal Skills
∎ Experience of working independently & as a team player
∎ Strong ethics and understanding of ethics in business and information security.
Job Source: Bdjobs.com Online Job Posting.
Application Deadline: 21 Sep 2021
∎ 7 Sep 2021
∎ উপায় (UCB Fintech Company Limited)
∎ Address : UCB HQ (Plot - CWS- (A)-1, Road No - 34, Gulshan Ave, Dhaka 1212)
∎ Business : Mobile Financial Services