Security Analyst (Junior Level) at uLesson

Job Description

• We are seeking a product-focused Security Analyst to join our engineering team. As Security Analyst, you will be assisting in the performance of periodic vulnerability assessments and penetration testing to continuously analyze and improve the security posture of applications and networks in the enterprise.
• Overall, you will be joining a team of 20+ members, including Product Managers, Product Designers, Frontend, Backend, Web & Mobile Engineers as well as QA engineers. Our goal is to ship quickly and iteratively as we deliver continuous value to our customers.
• The team functions using agile methodologies and is very high on ownership and collaboration

Key Responsibilities

• Assist in the performance of periodic vulnerability assessments and penetration testing to continuously analyze and improve the security posture of applications and networks in the enterprise.
• Perform scheduled and impromptu, internal and external system audits.
• Analyze security breaches to identify root cause.
• Recommend mitigation for vulnerabilities discovered and verify solutions recommended are implemented.
• Document results of tests for the product, engineering team and executive management.
• Work together with the software developer and engineering team to obtain clarification and understand architecture.
• Undertake load and performance testing for API and databases in use.
• Record and enhance the load test scripts.
• Stay up-to-date on information technology trends and security standards with a view to recommending relevant practice to the organization.
• Facilitate and conduct periodic staff cyber security awareness training.
• Continuously update the organizations incident response and disaster recovery plans.
• Work closely with a variety of internal and external stakeholders to acquire and exchange information on Cybersecurity issues, processes, and best practices.

Qualifications and Skills

• Minimum of 2 years experience in vulnerability assessments and penetration testing.
• Extensive knowledge and verifiable application of the ethical hacking methodology on previous engagements.
• Extensive working knowledge of web and mobile applications and technologies.
• A broad based understanding of software technologies.
• Knowledge of and experience with mitigating vulnerabilities inherent to varying clients such as web and mobile devices (android & ios mobile applications).
• Understanding of application programming languages, application servers, web services.
• Understanding of patch management with the ability to facilitate deployment of patches in a timely manner with an understanding of business impact.
• Understand the concepts of distributed performance testing.
• Proficient in the use of JMETER load testing tool and extension of functionality using scripts and plug-ins.
• Knowledge of and experience with Common Vulnerabilities and Exposures (CVE) and Open Web Application Security Project (OWASP) processes and remediation recommendations.
• Experience with application and network security testing tools and exploitation frameworks such as Nessus, OWASP Zap, NMAP, BurpSuite, Wireshark and Metasploit.
• Knowledge of and experience with API testing and the OWASP API risk advisory.
• Strong vulnerability assessment test result analysis skills, and test results reporting skills.
• Excellent written and verbal communication skills.
• Strong project and time management skills with a track record of being able to deliver within agreed timelines.
• Detail-oriented, with the ability to prioritize effectively.
• Ability to work well within teams and thrive in a fast-paced environment.

Compensation
N400,000 / Monthly.