Offensive Security Consultant – VINIRMA Consulting Pvt.Ltd

Nair Systems is currently looking Offensive Cyber Security Specialist for our Qatar operations with the following terms & conditions.

Education & Experience Requirements:

• University graduate preferably with a Major in Marketing, Banking, Finance, Accounting, Economics, Business
• Administration or Information Technology (related field of study), Masters preferred.
• At least 4 years of experience in undertaking technical security assessments of complex IT solutions including
• penetration testing, preferably within a highly rated international bank.
• Experience in undertaking red team activities is beneficial
• Professional certification such as CISSP, CISM, CISA is mandatory
• Previous Banking or Big 4 Consultancy work experience is mandatory

Required Special Skills:

• Good interpersonal and presentation skills.
• Understanding of the relevant laws, regulations, and practices.
• Ability to make decisions and follow through with initiatives.
• Personal integrity and self-management.
• Planning, organising, and analytical ability.
• Results oriented.
• Strong analytical skills and the ability to communicate both verbally and in writing with all levels of management.
• Strong knowledge of penetration testing tools and techniques of application and infrastructure components.
• Strong knowledge of DevOps/DevSecOps processes including cloud native architecture and relevant controls
• Strong knowledge of operating systems (Windows, Linux, Android & iOS)
• Strong knowledge of Kubernetes and container orchestration platforms
• An understanding or experience with source code scanning and application development frameworks
• Experience in designing and risk assessing multi-forest Active Directory domains
• Programming experience (Python, Go, Rust, C#, etc)
• Ability to work under pressure
• Strong client focus Operating Environment/Location:

Essential Duties & Responsibilities by Dimensions:

A. Shareholder & Financial:

• Ability to adhere to divisional Key Performance Indicators (KPI’s) for performance monitoring and quality
• measurement purposes.
• Implements KPI’s and best practices for the SVP Offensive Cyber Security.
• Promote cost consciousness and efficiency and enhance productivity, to minimise cost, avoid waste, and optimise
• benefits for the bank.
• Act within the limits of the powers delegated to the incumbent and delegate authority to the respective staff and
• monitor exercise of the same.
• Demonstrate clear understanding of the important factors behind the bank’s financial & non-financial
• performance.

B. Customer (Internal & External):

• Ability to customise and use established methodologies, conduct technical reviews and penetration testing activities
• of business applications and infrastructure projects e.g. technical risk assessments of internet facing applications,
• workstation and server build platforms, databases, networking, and virtualisation technologies.
• architecture design, compliance to IT security policies and relevant standards.
• Ability to provide subject matter expertise for the enhancement of cyber security posture of the organization.
• Ability to develop close relationships with IT and business teams. Understand and manage their requirements for
• GIS risk services.
• Ability to assist other teams in the Risk organisation with technical IT Security reviews and provide guidance as a
• subject matter expert for cyber security.
• Ability to provide Ad-hoc consultancy for risks of new technologies and propose with potential solutions.
• Ability to identify opportunities and develop new ideas that will lead to improvements.
• Ability to adapt/change behaviour or plans to better achieve the target/objective.
• Ability to analyse a complex problem and identify potential solutions by exploring and analysing diverse alternatives,
• including, where applicable, risks and potential business impact. Ability to make the right decisions based on the
• necessary information and to take measures accordingly.
• Ability to liaise with external consultants appointed from time to time to assess the adequacy and effectiveness of
• the Group’s information security efforts.
• To assist customers in all their queries on Bank’s product and seek solution to their requests.
• Maintain activities in accordance with Service Level Agreements (SLAs) with internal departments/units to achieve
• improvements in turn-around time.
• Build and maintain strong/effective relationships with related departments/units to achieve the Group’s objectives.
• Provide timely/accurate data to external/internal Auditors, Compliance, Financial Control and Risk when required.

C. Internal (Processes, Products, Regulatory):

• [ Ability to set high targets/objectives for self and department. Prefers to take the initiative than to stay passive if
• events happen. Committed to improving productivity. Unwilling to accept average performance. Tries to be above
• the requested performance.
• [ Ability identify own strengths and limitations. Seeks guidance and advice when appropriate to accomplish tasks
• and perform the role in an effective and efficient way.
• [ Ability to play a constructive role as member of the team.
• Ability to assess the effectiveness of the various information security systems and network topologies and evaluate
• [ Ability to provide required support for enforcing the security policies of the organization.
• [ Ability to build and maintain strong and effective relationship with all other related departments and units to achieve
• the Group’s goals/ objectives.
• [ Ability to keep Group Information Security Management apprised of the latest security trends and vulnerabilities.

D. Learning & Knowledge:

• [ Possess an understanding of business processes and controls in all related operational areas.
• [ Must have an expert understanding of information security issues, best practices, and a working knowledge of IT
• systems.
• [ Proactively identify areas for professional development of self and undertake development activities.
• [ Seek out opportunities to remain current with all developments in professional field.
• E. Legal, Regulatory, and Risk Framework Responsibilities:
• [ Comply with all applicable legal, regulatory and internal compliance requirements including, but not limited to,
• Group Compliance Policies and Procedures (AML & CTF, Sanctions Policy, Data Protection Policy, Fraud Control
• Policy, Whistle Blowing Policy, Conflict of Interest and Insider Dealing Policy).
• [ Understand and effectively perform your role under the Three Lines of Defence principle to identify measure,
• monitor, manage and report risks.
• [ Ensure systematic good outcomes for clients in accordance with Conduct Risk policy.
• [ Support the framework of RCSA, KRI, Incident reporting and remediation, as appropriate, in accordance with the
• Operational Risk Management requirements.
• [ Maintain appropriate knowledge to ensure full qualification to undertake the role.
• [ Complete all mandatory training provided by the Bank, attain, and maintain the required levels of competence.
• [ Attend mandatory (internal and external) seminars as instructed by the Bank.

Job Details

Preferred Candidate

Suite de l’annonce…