Listing Description
Job Description
Ensure BAEMIN security:
- Implement programs to proactively detect and reduce potential threats and strengthen the BAEMIN security resilience;
- Ensure BAEMIN products and systems to the highest security standards following the design of secure service and processes;
- Perform technical security assessments, code reviews and vulnerability testing to highlight risk;
- Conduct research to identify new security hole against BAEMIN’s products and services by proactively collaborating with software engineers to fix security flaws and vulnerabilities;
- Organize Security Awareness Training for internal as well as execute and operate the phishing assessment program;
- Evaluating the effectiveness of existing cybersecurity training, education, and awareness programs/activities and consistently improving upon communication;
- Promote the information security and data governance culture within the business by being pro-actively involved with the stakeholders.
JOB REQUIREMENT
Education: A Bachelor’s degree in Computer Science/ Information Technology/ Management Information System, or experiences in related fields.
Experience:
- 1 or 3 years experience in cybersecurity
- Development knowledge with the OS (Python, bash, PowerShell),
- Security knowledge on Web, OS, infra, Mobile applications and network.
Skills/Knowledge
- You prefer to be a Web Security Tester /RED Team player or having experience as BLUE Team member (want to change career path)
- Strong knownledge about basic Security Concepts
- Good to have CEH/GWAPT/CompTIA Security+ or similar,
- Understand vulnerabilities assessment report, the context and hypothesis of their exploitation for better security risk assessment. Be able to advise on vulnerability remediation or mitigation
- Define and lead the operational tests and regular checks, automate and industrialize scanning processes
- Technical watch: stay up to date on new vulnerabilities, new attacks ways, new attack vectors and patching state.
- Be able to identify the risk for the business or familiar with Common Vulnerability Scoring System (CVSS)
- Be able to lead OSINT projects and crawl the web to find public vulnerabilities on Bouygues' IS
- Familiar with any Security Standard like OWASP/CIS/NIST/MITRE…
- Experience with security tool:
o Scanning tool
o Audit tool
o Assessment tool
o Request/response capture tool (Web app testing)
Attitude
- High learning agility and real passion for coding and programming, innovation, and solving challenging problems;
- High adaptability and flexibility to the rapid changes of the business;
- High responsibility and diligence;
- Intellectual curiosity;
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided