PASHA Bank is looking for strong candidate to join our team as Specialist in Cyber Threats Analysis.
Main roles & responsibilities:
• Identifies the data sources required due to changing nature of threats to support requests coming from within the bank
• Provides confidence-related reporting to assess TI data source alignment; highlights information gaps and validates sources
• Leverages information processing technologies to ingest and process data for analysis
• Conducts an analysis of the incoming TI information to determine the relevance and impact to the bank to make a forward-looking view of the threat landscape
• Identifies new Indicators of Compromise (IOCs) and support ongoing maintenance of IOC database
• Recommends changes to security device policies
• Provides report on the new findings covering number of fresh IOC generated mapped to threat, number of IOCs updated related to threats, TTPs observed mapped to threat and impacted/target system, etc
• Manages and prioritizes Use Case development queue
• Transforms newly identified threats, impacted assets and associated attack vectors coupled with business requirements into Use Cases
• Manages Use Case Development life cycle using established methodology and process
• Provides regular report based on established reporting metrics.
• Supports Vulnerability management Platforms
• Ensures efficient operation (full coverage) of vulnerability scanning of all critical technology platforms
• Utilizes an up-to-date Security Content Automation Protocol (SCAP) compliant vulnerability-scanning tool to automatically scan all systems on the network on a periodical basis to identify all potential vulnerabilities on the organization’s systems.
Required qualifications & skills:
• Education: Bachelor degree in IT or other relevant field
• Work experience: Minimum 3 year experience in Cybersecurity or relevant IT field
• License / Certificate: CCNA Security, CompTIA Security, CompTIA CySA and other cybersecurity related certificates is preferable
• Foreign Language: English (good), Russian (good)
• Computer Skills:
- Experience with one or more TI platforms
- Experience with Open Source Intelligence (OSINT) collection tools and intelligence vendor portals
- Knowledge of relevant data formats (like JSON, STIX, etc.)
- Knowledge of log formats
- Understanding of security incident response fundamentals
- Knowledge/experience in Network forensics: network traffic protocols, traffic analysis (i.e. PCAP), intrusion detection
- Knowledge OWASP top 10 and WASC Threat Classification
- Experience with various vulnerability scanner
• Other: Process and procedure adherence, Good analytical and root cause analysis skills, Team player able to work effectively in a team fostered, Effective verbal and written communication skills
Candidates are requested to send their Application Forms/CVs to [email protected] until June 4, 2021. Please indicate the name of the position (Specialist in Cyber Threats Analysis) you are applying for in the subject line of the email and put cc your Line Manager and Business partner. Otherwise, the candidacy will not be considered in the review process of the applications collected.
Please be advised that only shortlisted candidates will be invited to the further stages of the recruitment process.