Top.Mail.Ru
Offensive Security Services Specialist Telecom
012 -5961868
negotiable
26.11.2021

Job Description

Responsibilities :

Conduct continuous analysis to identify network and system vulnerabilities;
Conduct and/or support authorized penetration testing on enterprise network assets;
Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews);
Design and develop new tools/technologies as related to information security;
Identify and/or develop reverse engineering tools to detect cyberspace vulnerabilities;
Develops and conducts processes and procedures (e.g., testing) to evaluate compliance with security requirements;
Assist with the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes);
Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support Enterprise Network Defense (END) audit missions;
Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure);
Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.

Requirements :

Knowledge of computer networking concepts and protocols, and network security methodologies;
Knowledge of cyber threats and vulnerabilities;
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems;
Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]);
Knowledge of cryptography and cryptographic key management concepts;
Knowledge of database systems;
Knowledge of electrical engineering as applied to computer architecture, including circuit boards, processors, chips, and associated computer hardware;
Knowledge of how system components are installed, integrated, and optimized;
Knowledge of information security principles and methods (e.g., firewalls, demilitarized zones, encryption);
Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]);
Knowledge of network design processes, including security objectives, operational objectives, and trade-offs;
Knowledge of operating systems;
Knowledge of key concepts in security management (e.g., Release Management, Patch Management);
Knowledge of security system design tools, methods, and techniques;
Knowledge of key telecommunication concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers);
Skill in designing security controls based on information security principles and tenets;
Skill in determining how a security system should work, including its resilience and dependability capabilities, and how changes in conditions, operations, or the environment will affect these outcomes;
Skill in developing and applying security system access controls;
Skill in using network analysis tools to identify vulnerabilities;
Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability);
Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth);
Skill in developing and applying user credential management system;
International certifications in Information Security such as OSCP, CEH, RHCSA, PCNSE, CCNP Security are desirable
Fluent Azeri and English language skills.