Job Openings at 54gene Nigeria

Zip / Postal Code: 105102
Location: Lagos
Type: Full time
Department: Cybersecurity
Reports to: Sr Director, Cybersecurity
Industry: Biotechnology

Job Description

• We are looking for a cybersecurity analyst who will work directly with the Senior Director of Cybersecurity to deter, monitor, analyze, investigate and respond to cyber security threats and network intrusions.
• As a Cybersecurity Analyst, you will help build, secure, deploy and maintain internal policies, procedures, systems, and related tools in order to continuously improve 54gene’s security posture.

Duties and Responsibilities

• Monitor, assess and/or analyze multiple security log data from various heterogeneous security devices. This includes analysis of logs from: SIEM; Firewall; Proxies; End-point malware protection; Servers and workstations
• Other security technologies and devices
• Provide Incident Response (IR) support when analysis confirms actionable incident
• Deliver threat and vulnerability analysis as well as security advisory services
• Analyze and respond to previously undisclosed software and hardware vulnerabilities
• Investigate, document and report on information security issues and emerging trends
• Automate configuration and hardening of systems and applications
• Integrate and share information with other analysts and teams
• Participate, facilitate and deliver training and awareness to promote Information Security within the organization.

Requirements
Education and Certifications:

• Bachelor's degree in an IT related field is preferred, but not mandatory
• 4+ years of relevant experience
• Professional certifications such as, CISA / CISM / CISSP etc. would be beneficial.

Knowledge, Experience and Skills:

• Strong technical acumen with an understanding of cloud security and familiarity with security tools and processes
• Some experience with PowerShell/Python
• Prior experience with security policy, standards, and controls definition
• Experience with the following: Log management platforms, Cloud computing technologies, Enterprise Vulnerability Management Platforms, Endpoint Security suites, Data Loss Prevention Software and system hardening.
• Strong knowledge of current and emerging cyber security risks, and innovative risk management methods and solutions
• Demonstrated knowledge of industry authoritative sources such as NIST, SOC2, ISO and COBIT standards
• Ability to identify, monitor and remediate security compliance issues
• Mastery of Windows and Linux Operating systems
• Ability to thrive in a dynamic, fast-paced environment
• Ability to work efficiently and effectively under pressure
• Cross-cultural competency; ability to work with a diverse, global team

Other:

• Authorization to work in Nigeria
• The duties stated are intended to describe the general nature and level of work to be performed. They are not to be construed as an exhaustive list of all duties, responsibilities and skills required. Other related duties may be assigned within scope of ability.

go to method of application »

Zip / Postal Code: 105102
Department: Cybersecurity
Reports to: Sr Director, Cybersecurity
Industry: Biotechnology

Job Description

• We are looking for a Cybersecurity Engineer who will work directly with the Senior Director of Cybersecurity.
• This role will take the traditional vulnerability assessment and build upon it. Evaluate the security of 54gene’s networks, applications, sensitive internal systems, mobile application and data coding standards.
• Our engineer will need to go beyond the typical enumerating vulnerabilities through scanning and need to look at exploiting identified issues or discovering issues not picked up by scans.

Duties and Responsibilities

• Network, System, Application, Mobile, traditional web and wireless penetration testing.
• Testing and exploiting web app and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP and API attacks.
• Managing/facilitating security due diligence activities throughout the Application Software Development Life Cycle (SDLC) to ensure that security risks are identified and controls are implemented to mitigate risk.
• Designing and developing Cloud-specific security policies, standards and procedures e.g. Identity and Access Management (SSO, SAML), and Privilege Management, Firewall management, SSL/IPSec, Encryption Key Management (BYOK), Security incident and event management (SIEM), Data protection (DLP, encryption), Vulnerability Management in partnership with Infrastructure Services, and Application Development.
• Be a subject matter expert on security controls applicable to rapid software development methodologies and DevOps automation.
• Recommend or automate approach to streamline and integrate technological processes and/or systems to improve operational efficiency and effectiveness.
• Spread awareness and knowledge of good Information Security practices in development teams.

Requirements
Qualifications:

• Bachelor's degree in an IT related field is preferred, but not mandatory
• 4+ years of relevant experience
• CEH, OSWE or equivalents very strongly preferred.

Knowledge, Experience and Skills:

• Strong technical acumen with an understanding of cloud security, and familiarity with security tools and processes.
• Experience with penetration testing and code reviews highly desired.
• Wireless, Network and TCP/IP skills along with Unix command, bash scripting, and / or python coding required.
• A knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk desired.
• Familiarity with Advanced Persistent Threat (APT) activity.
• In depth knowledge of Application Security, API testing, Information Security risk and industry best practices.
• Knowledge based on hands-on experience in implementing security in rapid software development methodologies (like, Agile) and DevOps automation.
• Microservice architecture expertise and best practices in securing APIs across multi-cloud environments.

Other:

• Authorization to work in Nigeria
• The duties stated are intended to describe the general nature and level of work to be performed. They are not to be construed as an exhaustive list of all duties, responsibilities and skills required. Other related duties may be assigned within scope of ability.