Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Perform initial penetration testing for newly acquired/developed systems
- Identify security issues and vulnerabilities that can jeopardize the confidentiality/Integrity/Availability of information systems
- Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessment, & social engineering assessments
- Develop scripts, tools and methodologies to enhance red teaming processes
- Recognize and safely utilize attackers tools, tactics and procedures
- Exhibit strong knowledge of tools used for wireless, web application, mobile application and Infrastructure penetration testing
- Provide technical advise to system/business owners and/or developers on how to mitigate the identified issues
- Propose compensating controls to mitigate/reduce risks where resolving the root cause is not possible
- Provide guidance to application developers on secure coding best practices
- Provide advise to system administrators on how to harden their systems
- Perform telecom specific security testing to insure the security of our access, core and packet core networks. Identify and resolve any discovered issues
- Perform periodic penetration testing against Orange EG's critical systems to address any new security issues
- Run periodic vulnerability scans against Orange EG's systems, and insure the findings are addressed in a timely manner according to the asset's critical and the risk
- Run on demand scans for newly announced vulnerabilities and address those vulnerabilities with their owner
- Provide executive and detailed technical reports on findings to be used as an input in the risk management process
- Perform assessments against internal and external security standards including but not limited to PCI-DSS, SOX, ISO-27001, and Orange Global Security Policy
- Map business objectives and strategies to identify testing objectives and establish a business oriented risk level.
- Determine needed tools and budget to enhance security testing process
- Ability to define and scope penetration testing requirements
- Ability to document and communicate vulnerabilities and associated security risks with the stakeholders
- Supervise and guide Pen-testing team activities
Job Requirements
- University degree in Telecommunication, Information Technology or Computer Science
- Fluently reading and writing in English language
- Certifications such as GPEN, GCIH, OSCP, OSCE, GWAPT, GAWN and/or GMOB is a must
- 4 -7 years experience in at least three of the following:
- Network Penetration testing
- Mobile and/or web application assessment
- Social Engineering assessment
- Shell scripting and automation of simple tasks using perl, python, ruby and/or power-shell
- Developing, extending or modifying exploits, shell-codes, or exploit tools
- Source code review for control flow and security flaws
- Familiarity with the Telecom industry and its security posture
Skills
- Executive Presence, Highly effective communicator, well established influencing and negotiating skills
- Strong analytical skills; able to quickly digest any issue encountered and recommend an appropriate solution
- Thorough understanding of different network protocols, application frameworks, and database platforms
- Mastery of Unix/Linux/Mac/ Windows operating systems including bash and power-shell
- Programming skills supporting tool development and customization – (shell scripting, Perl, Python, Ruby, C, C++, C#, Java)
- Strong client service orientation
- Self motivated without the need for significant management oversight
- Dynamic team player
- Ability to deal with ambiguity and make expert judgement in the situations where no precedent exists
- Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to high level presentations
- Strong understanding of the role’s impact on the entire company
- Ability to maintain a steady work pace with high level of accuracy
- Must possess a strong sense of ethics and integrity with respect to identified critical security findings (Revenue/Image Impacting)
Featured Jobs
Similar Jobs
- Corporate Business Application...Decorative Glass And Arab Union Glass Group - Obour City, Cairo1 day ago