Logo of Huzzle

Home

Matches

Explore

Manage

IT.Security Analyst

image

The Citco Group Limited

1mo ago

  • Job
    Full-time
    Senior Level
  • Software Engineering
    IT & Cybersecurity

AI generated summary

  • You need a relevant degree or work experience, security certifications (SANS GPEN/WAPT preferred), strong tech skills, knowledge of OS/network security, and familiarity with testing tools.
  • You will conduct security testing, document results, validate findings, mentor team members, and maintain effective client relationships while enhancing your knowledge of security tools and practices.

Requirements

  • A bachelor's degree information systems or other related field; or equivalent work experience.
  • Professional security certifications such as SANS GPEN or WAPT are a plus.
  • Demonstrate a self-directed approach to learning new technologies in the field; pursue professional development.
  • Strong technical acumen in securing software and hardware.
  • Knowledge of Penetration testing tools and testing methodologies.
  • Analysis of operating system, application and network architectures to identify security vulnerabilities.
  • Extensive knowledge and experience of operating systems and distributions.
  • Windows Server and Desktop Network and domain administration, enumeration and exploitation.
  • Understanding of the TCP/IP protocol stack and many other protocols, such as routing protocols through to web services.
  • Knowledge of security issues related to many common databases including MySQL, MSSQL, MySQL and Oracle.
  • Working knowledge of application testing tools and techniques such as XSS and SQL injection.
  • Scripting and programming skills are not necessarily required but are preferred.
  • Collaborates across security groups to ensure comprehensive risk discovery and remediation.
  • Manages personal work engagements to meet project timelines.
  • Participates in group training and skill improvement.
  • Previous experience with BURP Suite, IBM AppScan and Core Impact a plus.

Responsibilities

  • Penetration Tester responsible for providing comprehensive security testing and remediation recommendations for internal engagements. Heavy focus on web application testing.
  • Interfacing with security/IT staff and business customers to evaluate security posture of projects and formulate test plans and engagement timelines.
  • Complete testing engagements, document results using approved report formats and track complete remediation of security risks identified.
  • Perform manual validation of results from automated/semi-automated tests
  • Perform manual penetration test activities as needed.
  • Complete social engineering and physical on-site assessments as directed
  • Utilize network mapping, host enumeration and scanning tools when necessary
  • Complete project work accurately and within deadlines as required.
  • Complete analysis and draw comprehensive conclusions of overall system risk, making recommendations for remediation strategy.
  • Coordinate with internal colleagues to follow up on vulnerability remediation.
  • Develop and maintain effective working relationships with clients and other team members.
  • Gain and maintain a working knowledge of the Security Products and Services
  • Continually review and enhance existing knowledge of threat analysis and investigations of common product sets and technologies
  • Research existing/emerging security tools, technology, techniques etc.al., providing regular training sessions to other analysts to enhance their capabilities and understanding
  • Actively mentor other team members
  • Assist in developing and administering team training program
  • Provide technical support to other team members
  • Support and encourage information sharing with other team personnel.
  • Participate in providing mentoring support and guidance to team members to help grow skills and capabilities.
  • Be passionate about information security and conduct research on current security topics.
  • Ability to work independently with or without direction and or supervision.
  • Portray professional demeanor. Calmness and clarity of thought under pressure and ability to maintain confidentiality.
  • Strong written and verbal communication skills.
  • Strong conceptual thinking and communication skills - the ability to conceptualize complex business and technical requirements of a given compliance or regulatory mandate into actionable approaches.
  • Demonstrate flexibility and adaptability in approach to work.
  • Accept responsibility and personal accountability.
  • Maintain good attendance and punctuality.
  • Demonstrate use of professional judgment on the job.
  • Maintain a tidy desk and work environment.
  • Ability to maintain the goals and culture of the organization.

FAQs

What is the primary responsibility of the IT Security Analyst?

The primary responsibility of the IT Security Analyst is to complete all aspects of application and network penetration testing, risk assessment, and other security activities as assigned to the Red Team, ensuring applications are free from security vulnerabilities.

Who does the IT Security Analyst report to?

The IT Security Analyst reports to the IT Security Manager, GRC.

What type of testing will the IT Security Analyst focus on?

The IT Security Analyst will have a heavy focus on web application testing as part of their penetration testing responsibilities.

What professional certifications are preferred for this position?

Professional security certifications such as SANS GPEN or WAPT are preferred for this position.

Is teamwork emphasized in this role?

Yes, teamwork is emphasized as the IT Security Analyst will work closely with development and project teams and will also mentor other team members.

What are some key skills required for the IT Security Analyst position?

Key skills required include a strong technical acumen in securing software and hardware, knowledge of penetration testing tools and methodologies, and the ability to analyze operating system and network architectures for vulnerabilities.

Will the IT Security Analyst be involved in training others?

Yes, the IT Security Analyst will actively mentor team members and assist in developing and administering the team training program.

What is expected regarding communication skills for this role?

Strong written and verbal communication skills are expected, as well as the ability to convey complex business and technical requirements clearly.

Are there any programming or scripting skills required?

While scripting and programming skills are preferred, they are not necessarily required for the role.

What is the work environment like for the IT Security Analyst?

The work environment is described as friendly and fast-paced, offering a challenging role in an international company.

What does the job offer in terms of professional growth?

The job offers an opportunity to expand business knowledge by working with prestigious clients and complex financial and technological instruments, as well as personal and professional development in the field of cybersecurity.

image

The Citco Group Limited

The Citco group of companies provides a broad range of financial services for hedge funds, administration, PE & more.

Finance
Industry
5001-10,000
Employees

Mission & Purpose

The Citco Group Limited is a company specialising in financial services, with a particular focus on fund administration, corporate services, and related financial solutions. The company's core activities include assisting clients in managing and administering investment funds, as well as providing corporate and fiduciary services to businesses. Citco's ultimate goal is to be a trusted partner for their clients in navigating the complexities of the financial industry, offering expert support in fund management and corporate services. Their purpose revolves around delivering high-quality, tailored financial solutions that enable clients to succeed in a competitive market, manage their assets efficiently, and meet regulatory requirements. Through their services, Citco aims to facilitate the growth and success of businesses and investment funds.