Ethical Hacker at CapitalSage Technology Limited

Key Responsibilities:

• Conduct comprehensive security assessments on Ercas' systems, applications, and networks to identify vulnerabilities.
• Perform penetration testing, vulnerability scanning, and security audits to uncover potential threats.
• Develop and implement robust security protocols and measures to safeguard sensitive financial data.
• Collaborate with development and IT teams to remediate identified vulnerabilities and ensure secure coding practices.
• Stay updated on the latest cybersecurity trends, threats, and technologies to continuously improve Ercas' security posture.
• Provide detailed reports and recommendations on vulnerabilities, risks, and corrective actions.
• Assist in the development and maintenance of security policies, procedures, and best practices.
• Conduct security training and awareness programs for employees to promote a culture of security within the organization.
• Work closely with external security vendors and partners to coordinate security efforts and manage third-party risk assessments.
• Respond promptly to security incidents and conduct thorough investigations to determine the root cause and mitigate any potential damage.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Advanced degrees or relevant certifications (e.g., CEH, CISSP, OSCP) are preferred.
• Minimum of 5years experience as an Ethical Hacker, Penetration Tester, or similar role, preferably within the fintech industry.
• In-depth knowledge of cybersecurity principles, attack vectors, and mitigation techniques.
• Strong proficiency in various security tools and technologies, including but not limited to vulnerability scanners, penetration testing frameworks, and intrusion detection systems.
• Hands-on experience with programming languages such as Python, Java, C++, or others relevant to cybersecurity tasks. Excellent problem-solving skills and the ability to think like a malicious hacker to anticipate potential threats.
• Strong understanding of network protocols, operating systems, and web technologies.
• Exceptional communication skills, both written and verbal, with the ability to convey complex security concepts to non-technical stakeholders.
• High ethical standards and a commitment to maintaining the confidentiality and integrity of sensitive information.
• Ability to work independently and as part of a collaborative team in a fast-paced and dynamic environment.
• Experience with cloud security and securing cloud-based applications and infrastructure.
• Knowledge of regulatory requirements and standards such as GDPR, PCI-DSS, and ISO 27001.
• Familiarity with blockchain technology and its security implications.
• Experience in conducting social engineering assessments and phishing simulations.
• Understanding of secure software development lifecycle (SDLC) methodologies.
• Proactive attitude towards continuous learning and professional development in cybersecurity.