We are looking for a Security Analyst to reinforce the team of one of our clients.
Your main responsibilities
- Operate internal security audits
- Execute regular vulnerability scans, penetration tests of components and services
- Report, analyze and comment results of findings
- Plan and supervise security updates with the IT and Application Support departments
- Organize the remediation planning and possibly propose compensating controls
- Manage PKI certificates life cycle
- Execute security risk assessment
- Provide or organize secure coding training for the different solutions
- Supervise and consult on source code analysis of the company's applications
- Advise the software development teams on security techniques and known vulnerabilities
- Generate and maintain security documentation of the IT platform and applications
- Participate in PCI and other security certification projects
- You have at least two years of experience in a similar position
- You have a university degree in Information Technology (BAC+4 minimum), or an equivalent professional experience
- You are fluent in English. French and German are considered a strong asset.
- You have knowledges in :
- Linux, Windows Operating Systems
- Linux scripting techniques (e.g. Bash, Perl, Python)
- Networking protocols (TCP, HTTP, TLS, SSH, SNMP, etc)
- Network scanning and sniffing techniques and tools
- Vulnerability scanning tools (Qualys, Nessus)
- Open Web Application Security Project (OWASP)
- Knowledge of application programming languages (e.g. Java, C, C++, C#)
- Authentication techniques, PKI
- Knowledges in exploiting techniques and penetration testing suites (e.g. Burp Suite, Metasploit, Backtrack), Source Code Analysis Tools (e.g. Sonar Qube, OWASP Zap, etc), PCI Security standards and ISO 27000 series standards are considered as an advantage.
- You have strong analyst and good communication skills
- You have a sense of organization, planning, pro-activity, ownership, team spirit and responsibility
- Permanent contract
- Dynamic and innovative environment
- Competitive salary package
If you do not receive an answer within 20 days, you will have to consider that we will not proceed with your application.