Security Analyst - Минск - вакансия 689925

ООО Netcracker Technology Corp.

Дата: 06.03.2021

Город: Минск

Сфера деятельности: Программисты, ИТ, телеком

Текст вакансии:

We are looking for Security Analysts to join our international Application security team and take leading roles in building of mature and protected solutions for leading telecommunication providers. The primary focus will be at security design and verification of Netcracker solutions in alignment with customer requirements, Netcracker best practices and industry security standards. Working with Netcracker solutions that process personal and other sensitive data in various functional domains like customer self-service portals, CRM, Service Fulfillment, telecom billing and Cloud solutions. A successful candidate will be involved into activities ranging from security design reviews and threat modelling to security hardening and security acceptance. Responsibilities:
Analysis and documentation of security requirements for Netcracker software solutions Performing security requirements, threat and vulnerability assessment of Netcracker solutions Review of business scenarios against security risks and security requirements Participate in design and engineering of security related controls within Netcracker solutions Review of quality and coverage of implemented security controls within the solution Design of access control within the solution Preparation of security acceptance program, including: collection of information about the solution, defining of the security test cases, prioritization of SAST, DAST and manual pen test checks Analysis of penetration testing and vulnerability assessment reports and prioritization of security vulnerabilities in the solution and 3rd party components accordingly to CVSS v3 and risk assessment methodologies. Preparation of customer-facing security acceptance report Development of security procedures and instructions Analysis of solution’ data model, classification of data processed by solution accordingly to customer’ requirements and international standards Development of data anonymization design Adaptation and development of product and 3rd party components security hardening guidelines based on CIS benchmarks and vendor recommendations Security documentation development and support Participate in improvements of product and project security methodology Sharing of security knowledge across the organization
Background and Skills:
3+ years in the role of security or system analyst Strong analytical background Excellent verbal and written communication. Strong analytical skills and ability to dive into technical Higher education in the area of IT, Engineering, Security or Mathematics Great understanding of essential security concepts including: threat, vulnerability, risk, segregation of duties, need to know principle, CIA, access control policy, cryptography concepts and practical implementations Detailed understanding of OAauth 2.0 protocol, OpenID standard and SAML standard Practical experience with following specifications and protocols: REST API, SOAP, JSON, XML Understanding and practical experience of RBAC and ABAC access control models Deep knowledge of OWASP top-10 vulnerabilities and attacks Good understanding of Linux and Docker security concepts and mechanisms Good understanding of X.509 standard Practical experience in threat modelling Knowledge of security industry standards and laws including: GDPR, PCI-DSS, NIST 800, ISO 27000 Practical security engineers, IT, software development or quality assurance experience is a great advantage
We offer
Opportunities for career development Professional growth in the international business environment Medical insurance for employees Friendly atmosphere, sports activities and corporate events Salary will be discussed individually with the successful candidate

Контактные данные:

Эта вакансия перенесена в архив и доступна только в информационных целях

Ищешь работу на дому? Подписывайся на Телеграм канал Работа Дома!