Datafin

Solution Analyst (6 Month Contract) (Remote)

IT – Analyst, Data Management
Remote

ENVIRONMENT:
PROVIDE security analysis and design input as the next Solution Analyst sought by a Business Management Consultancy to join its CIB Security Engineering team. The team’s focus is on establishing the security enablers required by the CIB product engineering community as well as tactical support for teams when needed. You will be providing specialized input into the efforts of the team as the enablers are established to improve the Cyber Security posture. You will require an IT related Degree/Certificate or equivalent experience of at least 5 years, CISSP/OSCP/CEH/Security+ Certification, understand SIEM & Defensive Technologies with strong UNIX, Windows & Network Security skills. Please note this is a 6-Month Contract.
 
DUTIES:
  • Participate in threat modelling exercises with Product Engineering teams.
  • Document threat mitigation patterns that are feasible within the current environment.
  • Design of new mitigation patterns where gaps are identified.
  • Identity security misconfigurations in IT infrastructure e.g., databases, queues, web servers.
  • Establish secure default configurations for IT infrastructure.
  • Select security training material for the Security Champions and product engineering teams.
  • Participate in security training, such as Capture The Flag exercises and walkthroughs
  • Development of security code review guidelines.
  • Development of appropriate access governance controls within the development environment to promote uphold the principles of least privilege and segregation of duties.
  • Input into the evolution of security standards.
Client/Customer –
  • Provide support and contribute to a culture of customer service excellence that meets and exceeds exceptional service.
  • Build relationship with customers that contribute to a culture of customer service excellence.
  • Conduct: Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise-Wide Risk Management Framework and internal Policies and Policy Standards
  • Finance: Contribute to the effective reduction of cost and financial wastage in line with organisational policies and procedures.
  • Learning and Growth: Participate in forums that positively contributes to knowledge improvement.
  • Provide advice and support in the management of change and offer operational support where required.
 
REQUIREMENTS:
Qualifications –
  • IT related Degree / Certificate or equivalent experience.
  • Relevant qualification e.g., CISSP/OSCP/CEH/Security+.
 
Experience/Skills –
  • Min 5 years relevant experience.
  • Solid experience in Information Security.
  • Familiarity with application and network security concepts.
  • Broad understanding of hosting and cloud environments.
  • Understanding of development frameworks.
  • Broad understanding of SIEM & Defensive Technologies.
  • Strong UNIX, Windows and Networking Security skills.
  • Experience developing custom scripts or tools used for vulnerability scanning and identification.
  • Excellent communication skills.
  • System hardening to eliminate vulnerabilities and reduce attack surface area.
  • Threat modelling with development teams.
  • Security testing using offensive security testing / ethical hacking techniques.
  • Programming / Software Development.