CYBER ASSURANCE

Website DP World

Job Description:

Specialist with a proven delivery record of penetration testing, application vulnerability assessment, network vulnerability assessment and exploitations, offensive security exercises on IT, OT and Cloud environments. Regularly conduct state-of-the-art penetration testing against web applications, network infrastructures, user workstations, network appliances, IT devices, emerging technologies web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments. Develop comprehensive and accurate reports and presentations for both technical and executive audiences detailing your findings, including advisements on how to remediate the vulnerabilities to client stakeholders including technical staff, Group Technology and executive leadership.

Job Responsibilities:

  • Suggest solutions to increase the security posture in alignment with the established security policies, guidelines, and leading best practices in a concise easily understood manner along with the Group Director Cyber Assurance and SVP of Tech Audit.
  • Write detailed reports covering the outcomes of Penetration Tests and Red Team activities, including observations, techniques, and mitigations.
  • Recognize and safely utilize attacker tools, tactics, and procedures.
  • Invests time to keep up to date with the IT industry trends and advancements by investing in self-learning and being an active member and contributor at IT/ Cyber Security related organizations such as Cloud Alliance, SANS Security, OWASP, ISACA, ISC2, IT security forums, Cyber Security groups, Seminars – IT Security – threats and controls, Emerging IT, Security and Cyber Risks.
  • Perform end-to-end ethical hacks and a variety of Penetration Testing engagements to assess/ diagnose the vulnerability of test, internet, intranet connected systems, networks, web applications, mobile applications, API’s across DP World Entities.
  • Perform threat modelling/design, automated vulnerability assessment using industry standard tools used for wireless, web application, and network security testing, exploitation and code reviews, manual and automated security testing.
  • Scoping, and executing Security testing, Red Teaming and Offensive security validation engagements, from kickoff through remediation.
  • Write offensive security software such as: backdoors, keyloggers, password dumpers, spear phishing payloads, and web shells and developing, extending, or modifying exploits, shellcode or exploit tools.
  • QUALIFICATIONS, EXPERIENCE AND SKILLSFind and exploit vulnerabilities in web applications, network services and enterprise network infrastructures.
  • Collaborate with IT and all relevant teams to make sure security issues are addressed timely and effectively.
  • Support the SVP of Tech Audit and other GIA members on non-audit related projects and initiatives.
  • Accumulate and share good practices within the DPW terminal portfolio and external entities.

Job Requirements:

  • Reverse engineering malware, data obfuscators, or ciphers
  • Bachelor’s Degree (B.A., B.S.), or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems, or related curriculum
  • 6-8 years’ experience in the field or in a related area
  • 3-4 year of relevant general Information Technology experience, desired
  • Min. 2 Security industry relevant certifications such as CISA, CIA, ISO 27001 Lead Auditor, CISM, CISSP, NIST CSF, HISP, CSX, GIAC, MCSE/MCSA, CCNA, CCNP, CompTIA Security+, GSEC, GISF, CEH.
  • Able to travel between 50% and 70% of the time to locations around the world.
  • Proficient in MS Word, Excel and Powerpoint.
  • Sound understanding of traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools.
  • Sound understanding of Endpoint Detection and Response techniques and tools such as Carbon Black, Palo Alto Cortex, Checkpoint etc.
  • Strong communication and presentation skills (verbal and written); must be able to communicate effectively with individuals at multiple levels and backgrounds across various business units, functions and regions within the company (including senior management).
  • Independently plan and complete work seeking guidance from VP and Senior Manager Tech Audit as needed.
  • Consistently document relevant facts and information which support the work performed and effectively evaluate audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence.
  • Knowledgeable about the cyber kill-chain, and can demonstrate that he or she can: persist on a machine, escalate privileges, steal credentials and move laterally on other machines
  • Write in at least two of the following programming languages: C, Golang, Ruby and Python.
  • Industry experience in IT e.g. OS administration, network administration, firewall configurations and controls, IT security implementation, etc. is beneficial.

Job Details:


Company: DP World

Vacancy Type: Full Time

Job Location: Dubai, UAE

Application Deadline: N/A

To apply for this job please visit www.linkedin.com.


 Report Job
Back to top button