MapleCloud Technologies - Senior Cyber Security Analyst - OSCP/CEH Certified (3-5 yrs)

Job Description : Senior Cyber Security Analyst.

Position Title : Cyber Security Analyst.

Experience Required : Minimum 3 years.

Certifications Required : OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker).

Role Overview :

As a Cyber Security Analyst, you will be responsible for simulating cyberattacks on organization's networks, systems, and applications to identify vulnerabilities before they can be exploited by malicious actors.

You will work closely with security teams to recommend solutions for mitigating discovered risks and improving the overall security posture. The ideal candidate will have a deep understanding of attack methodologies, tools, and techniques, along with a passion for cybersecurity and ethical hacking.

Key Responsibilities :

Threat detection and response :

- Monitor and analyze security alerts to identify potential threats.

- Respond to and mitigate security incidents in real-time.

Vulnerability Management :

- Conduct vulnerability assessments and penetration testing to uncover weaknesses in systems.

- Collaborate with IT teams to implement effective solutions.

Penetration Testing :

- Perform thorough penetration tests on internal and external systems, networks, and applications to identify vulnerabilities and weaknesses.

Reporting :

- Document findings, vulnerabilities, and attack vectors in detailed penetration testing reports.

Exploit Development :

- Develop and test custom exploits for identified vulnerabilities, where necessary, to validate the severity of discovered issues.

Security Infrastructure Management :

- Configure, manage, and optimize firewalls, intrusion detection/prevention systems, and other security tools.

- Regularly review and update security policies and procedures.

Compliance and Risk Management :

- Ensure compliance with relevant security frameworks and standards (i.e., ISO 27001, GDPR, NIST).

- Conduct risk assessments and recommend mitigating strategies.

Training and Awareness :

- Educate internal teams on best practices for cybersecurity.

- Stay updated with the latest trends, tools, and techniques in the cybersecurity landscape.

Required Qualifications and Skills :

- Certifications : OSCP CPENT, CRTP, and CEH (mandatory).

- Experience : 3 to 8 years of hands-on experience in cybersecurity roles.

Technical Skills :

- Proficient in penetration testing tools such as Burp Suite, Kali Linux, Metasploit, Nmap, Wireshark, Nessus, and others.

- In-depth knowledge of web application security, network security, cloud security, and mobile security.

- Hands-on experience in performing security assessments on various platforms (Linux, Windows, macOS).

- Knowledge of common attack vectors (i.e., SQL injection, XSS, CSRF, privilege escalation, etc.

- Understanding secure development practices and DevSecOps methodologies.

- Familiarity with bypassing security mechanisms, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.

- Strong understanding of network protocols, encryption standards, and cloud security.

Soft Skills :

- Strong analytical and problem-solving abilities.

- Excellent communication and documentation skills.

Preferred Skills :

- Knowledge of scripting languages (i.e., Python, Bash, PowerShell).

- Experience with forensic tools and techniques.

- Familiarity with industry regulations and compliance standards (i.e., PCI-DSS, GDPR, HIPAA, NIST, ISO 27001).

Why Join Us :

- Opportunity to work on cutting-edge security projects.

- Collaborative and innovative work environment.

- Competitive salary and benefits package.