Orange recrute 01 Technical Security Testing

Orange recrute 01 Technical Security Testing


Informatiques, Télécommunications

Technical Security Testing
Ref : CEGY561 | 23 févr. 2021
Date limite de candidature : 30 avr. 2021
Orange Egypt – Smart Village – EgypteLeaflet
Votre rôlePerform initial penetration testing for newly acquired/developed systems.Identify security issues and vulnerabilities that can jeopardize the confidentiality/Integrity/Availability of information systems.Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessment, & social engineering assessments.Develop scripts, tools and methodologies to enhance red teaming processesProgramming skills supporting tool development and customization – (shell scripting, Perl, Python, Ruby, C, C++, C#, Java)Recognize and safely utilize attackers tools, tactics and procedures.Exhibit strong knowledge of tools used for wireless, web application, mobile application and Infrastructure penetration testing.Provide technical advise to system/business owners and/or developers on how to mitigate the identified issues.Propose compensating controls to mitigate/reduce risks where resolving the root cause is not possible.Provide guidance to application developers on secure coding best practices.Insure Orange EG’s information systems are properly hardened, including but not limited to operating systems,  databases, web servers, and application servers.Provide advise to system administrators on how to harden their systems.Perform telecom specific security testing to insure the security of our access, core and packet core networks. Identify and resolve any discovered issues.Perform periodic penetration testing against Orange EG’s critical systems to address any new security issues.Run periodic vulnerability scans against Orange EG’s systems, and insure the findings are addressed in a timely manner according to the asset’s criticality and the riskRun on demand scans for newly announced vulnerabilities and address those vulnerabilities with their ownerProvide executive and detailed technical reports on findings to be used as an input in the risk management processThorough understanding of different network protocols, application frameworks, and database platformsMastery of Unix/Linux/Mac/ Windows operating systems including bash and PowerShellPerform assessments against internal and external security standards including but not limited to PCI-DSS, SOX, ISO-27001, and Orange Global Security PolicyMap business objectives and strategies to identify testing objectives and establish a business oriented risk level.Determine needed tools and budget to enhance security testing process.Ability to define and scope penetration testing requirementsAbility to document and communicate vulnerabilities and associated security risks with the stakeholdersSupervise and guide Pretesting team activities  Votre profilEducationUniversity degree in Telecommunication, Information Technology or Computer Science.Fluently reading and writing in English language..Certifications such as GPEN, GCIH, OSCP, OSCE, GWAPT, GAWN and/or GMOB is a must
Experience4-7 years experience in at least three of the following:Network Penetration testingMobile and/or web application assessmentSocial Engineering assessmentShell scripting and automation of simple tasks using Perl, python, ruby and/or PowerShellDeveloping, extending or modifying exploits, shellcodes, or exploit toolsSource code review for control flow and security flawsFamiliarity with the Telecom industry and its security posture
CompétencesExecutive Presence, Highly effective communicator, well established influencing and negotiating skillsStrong analytical skills; able to quickly digest any issue encountered and recommend an appropriate solutionStrong client service orientationSelf motivated without the need for significant management oversightDynamic team playerAbility to deal with ambiguity and make expert judgement in the situations where no precedent existsExcellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications tp high level presentationsStrong understanding of the role’s impact on the entire company.Ability to maintain a steady work pace with high level of accuracy.Must possess a strong sense of ethics and integrity with respect to identified critical security findings (Revenue/Image Impacting)
EntitéTechnology Information Security
Evaluate the security controls for Orange EG’s Internal and External systems and Identify new vulnerabilities and exploits that can jeopardize the Integrity, Confidentiality and availability of our Information Systems.

Laisser un commentaire