Cyber Security Engineer III

Notes from the HM Call:
Supplier call- 08/27 Shortlisting on 08/29
Title : Cyber Security Engineer III
EBAYJP00021635
HM : Karim Ezzat:

Location: Remote, preference to candidates present in the Client's hubs
BR : $95.50
Duration : Potential to extend beyond the end of the year.
Day to day: Manual infra testing, Pen testing, validating the response, role is part of the detection team. Validate defensive threats. Junior-mid Pen tester or Detection engineer
Offensive security, Penetration testing, detection engineering. Shouldn t be a senior but a junior or mid level.
Must haves: hands on pen testing, scripting and coding skills, hands on practiced on attacks. Able to write scripts. Supporting the detection engineers, advisory emulation.
Education/Yrs of experience : 1-3 yrs of experience.
Will be purely a technical interview.
Red flags : modification in the resume according to Pen testing.
Should be able to explain the penetration testing, and the exercise. Someone using the vulnerability
Team culture: This would be an individual contributor. Detection and threat hunting.
Interview : 2 rounds with 90mins each, 2 engineers for each round, 4 total interviewers.
Certifications : anything in Pen testing is fine


Day to Day Responsibilities of this Position and Description of Project:

Client's information security is looking for a candidate who will assist with the design, implementation, security and ongoing support of the cyber threat detection program and processes within the Global Information Security Team.

This position will work directly with teams inside and outside of GIS as part of our overarching security strategy for Threat Management and Response.

The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, security incident response, and developing/automating creative solutions. As a TMR Engineer, you will be expected to be skilled at identifying security detection gaps in infrastructure and applications, effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison supporting business units. We use our big data platform, based on open source technologies like Apache Flink, Kafka and Hadoop, to build the majority of our security detections. We also use our own data analytics platform built on Hadoop and other security tools like Splunk to build a smaller set of security detections.

Responsibilities:

Research and keep up to date on threat actors. Perform detailed analysis of threats, using technical analytical skills, knowledge and experience. Develop detection logic for new threats.

Validate detection and response capabilities through Breach and Attack Simulation exercises based on threat intelligence and common attack behaviors observed in the real world.

Develop and improve detection and response capabilities together with various functions in GIS.

Create and deliver detailed technical exercise reports and lessons.

Ideal Experience and Qualifications

Advanced degree in computer science, information technology, or an equivalent.

Three or more years of experience in a Penetration Testing or Threat Detection role.

Experienced in the manipulation and analysis of large data sets and query languages.

Strong knowledge of enterprise infrastructure and tools.