Send me Jobs like this
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
Join our CyberSecurity team where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.
As a Cybersecurity Assurance Officer in the Cyber Assurance team, you will develop, implement, lead and continuously improve the security verification and testing processes consisting of but not limited to risk assessments, compliance reviews, vulnerability assessments and penetration tests based on industry best practices and as defined by the assurance. Collaborate with the team in developing the assurance program on an ongoing basis to incorporate industry best practices and offensive and defensive attack techniques.
In this role you will:
- Deliver in-depth automated and manual discovery of security vulnerabilities in web applications, mobile applications, web services and client server application and associated infrastructure
- Perform a thorough verification of the vulnerabilities found during the assessment and associated risk as per risk assessment framework. Support in building defence in depth controls in web & mobile applications.
- Provide necessary knowledge transfer of the vulnerabilities found during the assessments to the software engineering teams by means of meetings, walkthroughs, technical discussions etc. for implementing appropriate security fixes.
- Monitor identified security vulnerabilities throughout their life cycle from identification to resolution to verification and closure.
- Participate in red teaming complex environments with up-to-date knowledge on exploitation and help blue team to build use cases for stronger defence.
- Participate in evolving the assurance program on an ongoing basis to incorporate industry best practices, newer offensive and defensive attack techniques
- Collaborate with development teams on improving security by offering design reviews, threat modelling, awareness, training, new tooling and expert review
- Create tools, script, and automation to make the vulnerability discovery and vulnerability management process more consistent and efficient.
Desired Candidate Profile
To be considered for the role, you must meet the below requirements:
- Degree or Honours (12+3 or equivalent) Information Technology or relevant.
- 3+ Years of experience information security with related industry recognised certification such as CISSP, CISA, CISM, GIAC certification, CEH, etc.
- Deep technical knowledge of OWASP TOP 10 issues for both Application & Mobile
- Deep technical knowledge of network and infrastructure security testing
- Technical aptitude to test Web Services, API s, business logic issues, cloud specific issues etc.
- Adaptive to newer attack vectors & technologies and its applicability
- Proficient in using & implementing open source and commercial tools for application, mobile & thick client security testing
- Experience in reviewing source code for varied programming languages
- Deep technical knowledge of browser security controls such SOP, CSP, XFO, HSTS, etc.
- Knowledge of reviewing mobile & web-based security design, implementation & review.
Department / Functional Area
Keywords
Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com
The Emirates Group
At Emirates, we believe in connecting the world to and through our global hub in Dubai and in constantly innovating to ensure our customers Fly Better . Emirates Group IT thrives on the dynamic nature of technology. Being pioneers in aviation innovation, we're always at the forefront, pushing boundaries. We're on the lookout for exceptional IT professionals to fortify our position as leaders in the industry. Embark on a journey with the world s largest international airline and become a vital part of our cutting-edge information and technology team as Cybersecurity Assurance Officer.