As a Cyber Threat Prevention Advisor in the CyberDefence SecOps team, you'll manage and oversee vulnerability processes, ensuring they are trackable and measurable with robust tool support. You'll set up and lead adequate discovery of new Shell IT assets, maintain a portfolio of tools for automated vulnerability scanning, and use the results to provide an overview of vulnerabilities in Shell IT landscapes.
Requirements
- Bachelor’s degree in Computer Science, Information Technology, or related field
- 5-8 years of total experience in IT Security including at least 3-4 years of experience in Vulnerability Assessment
- Proficient in analysing network traffic using tools such as tcpdump or wireshark
- Strong experience in using open-source scanning tools such as nmap, nessus, metasploit and/or commercial tools such as Rapid7 or Qualys
- Knowledge in integrating Vulnerability Management into modern CI/CD Pipelines with 'shift-left' strategy
- Understanding of Network Security, Cloud Security, Endpoint Security, Application Security
- Understanding Cyber Threat Landscape and analyzing Threats from various sources
- Understanding of CVE id / CVSS score and metrics
- Familiar with application of Cybersecurity Benchmarks, NIST controls, PCI controls
- Lead security research proposals and Proof Of Concepts for Emerging Technologies and assessing Fit-For-Purpose Tools.
- Understanding of Cloud Security Posture Management (CSPM)
- Expertise in operating Application security tools like Rapid7 Appspider, Netsparker
- Knowledge on CI/CD pipeline able to understand the integration of security tools and guide the developers
- Understanding of Application security design and providing guidance to developers on secure design.
- Good understating of SAST/DAST concepts and process
- Knowledge of Mobile DAST scanning and vulnerabilities and remediation consultation
- Knowledge of Splunk, SecOps VR, basic querying and creating dashboards
- Additional Skills (Good to have): PCI-DSS Compliance Scan. SecOps VR Module in ServiceNow. Linux environment experience. Azure/AWS Cloud Console. Wiz.io tool knowledge. Advanced Splunk skills.
Benefits
- Competitive starting salary and annual performance related salary increase
- Flexible working hours, and the possibility of remote/mobile working
- Paid parental leave, including for non-birthing parents
- Training and development programmes
- Diverse career opportunities in national and international teams
- Chance to work in a values-led culture that encourages you to be the best version of yourself