CcHUB’s Digital Security team works to ensure the security of all code, systems, and data used by NGOs, Journalists, Activists and Civil Societies (clients) that we provide support to.
The Information Security Consultant is responsible for assessing a client’s business and operating environment risk and infrastructure vulnerability posture. This position requires a wide range of knowledge of network infrastructures, operating systems hardware platforms, networking systems and the security vulnerabilities within each category. The qualified individual in this position will scan customer networks to discover and exploit security flaws and vulnerabilities.
INFORMATION SECURITY CONSULTANT (CCHUB)
RESPONSIBILITIES:
Responsible for scanning and performing in-depth penetration testing and reporting customer business and operating environments and network infrastructure related to compliance and other relevant industry standards. Activities include, but are not limited to the following:
Understand the Scope of Work for each customer agreement and perform the duties and tasks required by those agreements in an organized, professional manner.
Perform vulnerability assessments and penetration testing, utilizing commercial and open source tools.
Effectively provide technical risk assessment of technologies in networks, applications, systems, wireless.
Review and analyze security vulnerability data to identify applicability and false positives.
Document all processes and procedures in accordance with relevant standards.
Report on findings and assist customers in remediation activities as required.
EXPERIENCE:
The candidate should have a minimum of one (1) year of relevant information security experience or proof of other recognized security certifications.
Possess industry-recognized security certification(s) including one or more of the following: Certified Ethical ……er (preferable), and/or any other relevant certification.
COMPETENCIES – SKILLS/KNOWLEDGE/ABILITIES:
Strong understanding of various web technologies, and experience with application code review.
Demonstrates an ability to methodically analyze problems and identify solutions and communicate to a non-technical audience.
Exhibits good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
Adequately explains, presents, demonstrates [when applicable] and documents the operational impact of a particular vulnerability/exploit. Assists customers with remediation tasks for found vulnerabilities.
Understanding of Industry standard information security standards and their applicability.
Understanding of system infrastructures, vulnerabilities, exploits and remediation tasks.
Please note that this is a temporary contract
0 comments Blogger 0 Facebook
Post a Comment