Senior Ethical Hacker
Globant
- Bogotá DC
- Permanente
- Tiempo completo
- Design and champion security controls, policies, standards and procedures.
- Partner with teams across the project to design and build security into their applications
- Continuous review of internal technical and procedural security controls.
- Hunt for gaps in security controls and procedures.
- Drive corrective and proactive actions to mitigate compliance gaps in the field of information security.
- Manage security requests and incidents.
- Operate under strict compliance with all applicable regulations and security standards.
- Ability to develop solutions to moderately complex to highly complex problems.
- Proficient at problem identification, research and resolution.
- Ability to translate abstract requirements into effective, actionable, and measurable security controls.
- Deep understanding of the current landscape of security risks, attack vectors and vulnerabilities.
- Ability to perform threat modelling and derive a security test schema based on the security threat model.
- Hands-on experience applying/reviewing compliance with Information Security frameworks (CSA STAR, NIST, ISO 27k, PCI DSS, HIPAA, SOX...) and Data Protection legislation.
- Knowledge of OWASP Top10 or SANS Top 25.
- Fair technical understanding of development, networking, operating systems, web applications, SIEM solutions, etc.
- Ability to effectively manage time between projects and daily operational tasks.
- Will to develop and improve processes and policies documentation.
- Strong oral and written communication skills.
- High level of English.
- Highly motivated and willing to do what it takes to get the job done.
- Required: A minimum of 3 years of experience in the field of cybersecurity.
- Desired: 1 year working as Security Architect or Information Security Engineer.
- Checkmarx
- Fortify
- Nessus
- Burp
- Acunetix
- Jenkins
- Git
- Docker
- Python, bash, or other scripting languages
- CISSP (Certified Information Systems Security Professional)
- GSEC / CEH (GIAC Security Essentials / Certified Ethical Hacker)
- CISA / CISM (Certified Information Systems Auditor / Certified Information Security Manager)
- GPEN / OCSP (GIAC Certified Penetration Tester / Offensive Security Certified Professional)
- GCIH (GIAC Certified Incident Handler)
- CCSK (Certificate of Cloud Security Knowledge)
- CCSP (Certified Cloud Security Professional)