Description :
Grade Level: L2
Location: Islamabad
Last date to apply: Jan 22nd, 2023
What is Expert Cyber Security & Pen Tester?
Cyber Security Application & Pen Tester Expert is responsible to evaluate and plan mitigations of different information security related risk to Jazz digital application & portals and plan/propose/implement cyber security solutions to address those risks. Main responsibility of this role is to analyze and effectively implement different application security control to protect organization from different threats.
The role reports directly to the Stream Head Cyber Security with an extended team of 10 team members.
What does Expert Cyber Security & Pen Tester?
- Design, develop and maintain a robust application security framework for Jazz digital Apps
- Identify loop holes in the developer/security systems of built servers, web portals/dashboards, user applications of Jazz.
- Ensures the security / data protection for applications vulnerable to external hackers.
- Detects bugs/errors embedded in the source code of android/iOS/other language based apps.
- Analyse and test portals and apps for business logic flaws
- Analyse the communication path/matrix of applications to track host servers and IP addresses accordingly.
- Performs relevant preventive measures to protect leakage of confidential/sensitive information.
- Reports cyber scams, phishing /malicious links/ contents and financial fraudulent activities with relevant evidences to concerned authorities. These responsibilities are carried out with the objective ensure safety of confidential and sensitive organizational data and prevention from Internet scams and frauds accordingly for smooth business processes within the limits of organization’s SOP, departmental KPIs and operating frameworks, directions and guidelines from supervisor and line managers.
Jazz is an equal opportunity employer. We celebrate, support, and thrive on diversity and are committed to creating an inclusive environment for all employees
Requirements
- BS/MS in information security/Information Technology
- Practical experience of Application security testing in banking / Telco sector
- Experience in planning and execution of security projects
- Security Penetration testing certifications e.g. OSCP
· Functional
- Ability to organize, plan and document tasks;
- Ability to manage internal & external stakeholders;
- Possess good logical and analytical skills to help in analysis of Cyber Security risks
· Technical
- In depth knowledge of vulnerability assessment and penetration testing
- Detailed knowledge of static & dynamic code analysis
- Understanding of software development lifecycle
- Understanding of testing business logic flaws in applications
- Experience in security testing of Android and iOS based Apps
- Strong security risk management skills;
- In depth knowledge of the TCP/IP protocol stack and understanding of TCP/IP services (SMTP, DNS etc.) and port details (25, 53 etc.) of commonly used TCP/IP applications;
- In depth knowledge of network and system security controls
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
- Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
- Skill in conducting trend analysis and reporting.
Why Join Jazz?
As one of the leading employers in the country, Jazz epitomizes the philosophy that each Jazz employee is passionately living a better every day inspired and enabled by visionary leadership, a unique professional culture, a flourishing lifestyle, and continuous learning and development.
Our core values include qualities essential for a positive organizational culture - truthfully guiding entrepreneurial and innovative mindsets, harnessing professional and interpersonal collaboration, and fostering across-the-board customer-obsession.
As one of the largest private sector organizations in Pakistan, our objective is to continue to change the lives of our 75 million customers for the better. This is an opportunity for someone who wants to be part of something transformative, someone who can play a critical role in driving our success. Together, we can empower millions more with the tools necessary to progress in an increasingly digital economy.
