Advanced Cyber Security Professional

This is an opportunity to take on a Senior Cyber Security Analyst role, where you will leverage your expertise in bot detection, web traffic analysis, and deep behavioral analytics to identify and investigate anomalous activities within our security platform.

You will conduct advanced investigations of potential automated and human threats, analyze complex patterns and behaviors, and develop actionable insights to enhance our security posture.

Working closely with other teams, you will contribute to the continuous improvement of our AI/ML detection and response capabilities, ensuring that our platform remains resilient against evolving cybersecurity challenges.

• Threat Detection: Monitor, identify, and analyze events from a range of sources to spot threats and respond to such incidents with urgency.
• Collaboration: Work with globally distributed teams to accomplish tasks.
• Metrics Collection: Assist in the collection of metrics to measure the efficiency of Security Operations functions.
• Audit and Compliance: Audit the effectiveness of security measures to check if the systems meet security compliance norms.
• Policies Implementation: Assist in the implementation of security policies and procedures.
• Process Fine-Tuning: Fine-tune processes and update standard operating procedures for the team.
• Incident Investigation: Participate in various stages of incident investigations and threat hunting engagements.

• Web and API Security: Exposure to web and API security, coding standards, WAFs, advanced persistent threat actors, botnets (off-the-shelf and custom), and attack mitigation.
• Hands-on SQL Proficiency: Hands-on SQL proficiency is a must-have.
• Cloud Security: Knowledge of managing, securing, and preparing production web environments with tools like Kubernetes.
• Threat Hunting: Familiarity with Threat Hunting - Web/API, web hacking, web data analysis or WAF hands-on experience.
• Web Application Security: In-depth knowledge of the web technology and web application security field.
• Cybersecurity Landscape: Deep understanding of the cybersecurity threat landscape and the attacker mindset.
• Programming Skills: Experience in scripting and programming (JavaScript, Python, etc.).
• Industry Trends: Interest in keeping up with industry trends and market demands to recommend product enhancements and new sources of intelligence.
• Data-Driven Decision Making: Demonstrated interest in working with data and metrics as applied to security.

• Open Source Tools: Familiarity with open-source analytics and visualization tools like Grafana, Apache Superset.
• Red Teaming: Experience red-teaming, especially developing bot-nets and whitehat hacking.
• Web Security Modules: Hands-on knowledge on Web security modules and secure configuration.
• API Automation: Hands-on experience and proficiency in API test automation and standardization.
• Computer Security: Experience and solid knowledge on computer and network security.
• Integration: Integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production.
• Mentorship: Mentor development teams, review pull requests, and guide evolution of the development pipeline.
• Application Packaging: Experience with modern application packaging, deployment, containerisation, bug tracking tools, and other supporting tools (Jenkins, Docker, Kubernetes, etc.).
• Security Frameworks: Familiarity with ISMS (ISO/IEC 27001), SOC2, NIST Cybersecurity Framework, CIS Controls, and Open Web Application Security Project.