Senior Ethical Hacker

Globant

Bogotá DC
Permanente
Tiempo completo

Hace 23 días

At Globant we boost our client's digital experience by ideating and creating the most innovative software products leveraging emerging technologies and trends. We are the place where innovation, design and engineering meet scale.The successful candidate will be a balance between a technical expert and a person who can understand and support business priorities and risk appetite. We're looking for an Ethical Hacker professional regarding the following:Responsibilities:

Design and champion security controls, policies, standards and procedures.
Partner with teams across the project to design and build security into their applications
Continuous review of internal technical and procedural security controls.
Hunt for gaps in security controls and procedures.
Drive corrective and proactive actions to mitigate compliance gaps in the field of information security.
Manage security requests and incidents.
Operate under strict compliance with all applicable regulations and security standards.

Qualifications:

Ability to develop solutions to moderately complex to highly complex problems.
Proficient at problem identification, research and resolution.
Ability to translate abstract requirements into effective, actionable, and measurable security controls.
Deep understanding of the current landscape of security risks, attack vectors and vulnerabilities.
Ability to perform threat modelling and derive a security test schema based on the security threat model.
Hands-on experience applying/reviewing compliance with Information Security frameworks (CSA STAR, NIST, ISO 27k, PCI DSS, HIPAA, SOX...) and Data Protection legislation.
Knowledge of OWASP Top10 or SANS Top 25.
Fair technical understanding of development, networking, operating systems, web applications, SIEM solutions, etc.
Ability to effectively manage time between projects and daily operational tasks.
Will to develop and improve processes and policies documentation.
Strong oral and written communication skills.
High level of English.
Highly motivated and willing to do what it takes to get the job done.

Experience:

Required: A minimum of 3 years of experience in the field of cybersecurity.
Desired: 1 year working as Security Architect or Information Security Engineer.

Tools/Technologies:

Checkmarx
Fortify
Nessus
Burp
Acunetix
Jenkins
Git
Docker
Python, bash, or other scripting languages

Security Certifications (Desired):

CISSP (Certified Information Systems Security Professional)
GSEC / CEH (GIAC Security Essentials / Certified Ethical Hacker)

Nice to have:

CISA / CISM (Certified Information Systems Auditor / Certified Information Security Manager)
GPEN / OCSP (GIAC Certified Penetration Tester / Offensive Security Certified Professional)
GCIH (GIAC Certified Incident Handler)
CCSK (Certificate of Cloud Security Knowledge)
CCSP (Certified Cloud Security Professional)

We look at the software development process from the three different but complementary perspectives of engineering, design, and innovation... in a constant quest for new insights. We also believe in showing our people how much we value them, which is why one of the many benefits we offer is a fully paid by company PPO health plan.This job be filled Anywhere #LI-Remote in ColombiaAre you Ready?Job Segment: Developer, Engineer, Computer Science, Java, Testing, Technology, Engineering, Infra

Globant

Postularse