Cyber Security Engineer

I. PURPOSE

To accomplish all assigned tasks by the management in a timely and effective manner as deemed necessary for the betterment of the organization as a whole.

II. DUTIES AND RESPONSIBILITIES

• Ensure the execution of services within the allocated budget hours or parameters defined by the Service Level Agreement.
• Obtain professional certifications and actively participate in relevant training sessions related to the provided services.
• Deliver high-quality services to clients with the goal of ensuring customer satisfaction.

A. Vulnerability Assessment and Penetration Testing

• Plan and execute Vulnerability Assessment (VA), Vulnerability Management (VM), Vulnerability Assessment and Penetration Testing (VAPT), Phishing Simulation, and Red Teaming activities.
• Evaluate the effectiveness of existing security controls and provide recommendations for improvements.
• Simulate real-world cyber-attacks to identify potential weaknesses.
• Prepare detailed reports on findings, and recommended remediation strategies.
• Communicate findings to technical and non-technical stakeholders in a clear and understandable manner.
• Work closely with cross-functional teams to integrate security best practices into development and operational processes.
• Collaborate with IT teams, developers, and system administrators to address and resolve security issues.
• Stay informed about the latest security threats, vulnerabilities, and industry best practices.

B. Digital Forensics and Incident Response

• Assist in conducting digital forensics investigations on various digital devices, including computers, servers, mobile devices, and network equipment.
• Utilize industry-standard forensic tools and techniques to acquire, analyze, and preserve digital evidence.
• Coordinate incident response efforts during cybersecurity incidents, including data breaches, malware infections, and unauthorized access.
• Implement incident response plans to contain and eradicate security incidents effectively.
• Collaborate with cross-functional teams to minimize the impact of incidents, providing guidance on corrective actions.
• Prepare detailed and well-documented reports outlining findings, methodologies, and recommendations.
• Contribute to post-incident reports, sharing insights and lessons learned for continuous improvement.

III. QUALIFICATIONS

A. Minimum Education

• College Graduate or Diploma holder of any computer-related course.
• Preferably a degree in Information Technology, Engineering, or a related field

B. Minimum Experience/Training

• 1 years+ experience working in Vulnerability Assessment and Penetration Testing, Red Teaming or Security Operations particularly in Digital Forensics and Incident Response.
• Knowledge of ITIL, Infrastructure related technologies & understanding of business relevance of the technologies
• Experience working with IT systems and software related to Vulnerability Assessment and Penetration Testing, and Digital Forensics and Incident Response.

C. Competency

• Effective team player with collaborative skills, capable of analyzing substantial technical data in a fast-paced environment.
• Strong problem-solving abilities, analytical skills, and effective time management.
• Positive, energetic, and enthusiastic demeanor with keen attention to detail.
• Excellent multitasking and task prioritization skills.
• Self-motivated, proactive, and customer-centric in approach.
• Quick learner with adaptability to dynamic working environments.
• Capacity to exercise judgment in high-pressure situations with minimal external guidance.
• Knowledge of cybersecurity and privacy principles.
• Familiarity with computer networking concepts, protocols, and security methodologies.
• Understanding of laws, regulations, policies, and ethics relevant to cybersecurity and privacy.
• Proficiency in risk management processes, encompassing methods for assessing and mitigating risk.
• Familiarity with cyber threats, vulnerabilities, and the operational impacts of cybersecurity lapses.
• Knowledge of traffic flows across the network, encompassing Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI), and Information Technology Infrastructure Library (ITIL).
• Awareness of application vulnerabilities and system/application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Ability to perform penetration testing on network devices, servers, workstations, APIs and Web Applications.
• Skills in conducting vulnerability assessment, vulnerability management, phishing simulation, and red teaming activities.
• Knowledge of programming language structures and logic, including the ability to apply programming language structures (e.g., source code review) and logic.
• Understanding of MITRE ATT&CK Framework and NIST SP800-61.
• Knowledge in identifying, capturing, containing, and reporting malware.
• Familiarity with incident response procedures.
• Understanding of investigative implications related to hardware, operating systems, and network technologies.
• Knowledge in data carving tools and techniques, with awareness of anti-forensics tactics, techniques, and procedures.
• Knowledge of processing digital forensic data and reverse engineering concepts.
• Knowledge in malware analysis tools and binary analysis.
• Knowledge in preserving evidence integrity according to standard operating procedures or national standards.
• Knowledge in using digital forensics tools and conducting forensic analyses in multiple operating system environments

D. TRAININGS & CERTIFICATIONS

• CompTIA Network+, Security+
• EC-Council CEH, ECIH, CHFI, CSA, CTIA, ECSA, LPT, CPENT
• eLearnSecurity eJPT, eCPPT, eCPTx, eWAPT, eMAPT, eCIR, eCDFP,
• any other related certifications