Senior Information Security Engineer (prop trader) Permanent

RESPONSIBILITIES:

• Collaborate with engineers to develop secure services with a focus on cryptocurrency.
• Develop/implement automated systems to help spot known security exposures.
• Consult on discovered security flaws, how to exploit them, and how to remediate flaws.
• Conduct threat mapping with respect to competitors, state-sponsors and hacktivists.
• Conduct intelligence gathering including digital, social and physical aspects.
• Conduct attack simulation exercises on a periodic basis.
• Continuous assessment around the effectiveness of defense response.
• Demonstrate use of information and access by adversaries to stakeholders.
• Ensure adherence to appropriate standards, best practices, workplace policies and procedures.
• Work effectively as a team member, providing hands on support, maintaining communication and updating senior staff on progress.
• Participate in Incident Response procedures if/when required.
• Identify opportunities for automation to eliminate repetitive tasks(Python / Bash).

SKILLS REQUIRED:

• Exposure to Unix/Linux environments a must with knowledge of commands & shell scripting a must.
• Strong understanding of the intelligence lifecycle and models including Cyber Kill Chain and MITRE ATT&CK framework.
• Experience in the cyber threat landscape, TTPs, threat actors and groups.
• Experience in threat actor and threat group profiling.
• Exposure and understanding of open source intelligence OSINT.
• Exposure and understanding of cyber threats in the financial sector.
• Exposure and understanding of underground criminal communities and dark web.
• Technical knowhow of malware reverse engineering.
• Visibility and presence in the threat intelligence community.
• Experience with SIEM technologies, threat hunting, monitoring and investigations.
• Excellent analytic and writing capabilities.
• Mentor and guide security analysts in cyber threat intelligence skills.
• Understand DeFi / Blockchain thoroughly.
• Ability to work with minimum guidance

REQUIREMENTS:

• At least 6 years of relevant experience, successfully delivering in an Enterprise environment.
• Bachelor/Masters of Engineering in Computer Science / Information Security / Cyber Security
• Network and security and tools, including IDS/IPS, NAC,DLP, VPN, firewall management and audit, endpoint, anti-malware, database audit and monitoring
• Strong experience with secure architecture design.
• Security expertise in one or more of: python, bash, C, C++, cryptography, reverse engineering, wireless networks, common web vulnerabilities (SQLi, XSS, CSRF), exploit development.
• Security applications utilized for logging, packet capture, email, directory services, web, authentication, remote access, and encryption.
• Database audit/security background is a strong plus.
• Cloud security deployment and controls.
• IT security technologies, policies, and procedures.
• Flexible to work in different time-zones, based on Business requirements.

[EA License Number] 18C9289 | [Registration Number] R155129