Cyber Security - Digital Assets Specialist
AstraZeneca
- Jalisco
- Permanente
- Tiempo completo
- Must have an understanding of OWASP, documentation and artefacts, business logic flaws. Ability to explain vulnerabilities and weaknesses and discuss effective defensive techniques.
- Must have experience of at least one of the following Cyber Security areas:
- Must have large enterprise IT experience, ideally with some Cloud and DevOps exposure.
- Able to influence at engineering, architecture, strategic and leadership levels.
- Development experience – ideally with process automation and/or configuration management
- Good understanding of agile and DevOps methodologies
- Security, compliance, and regulatory experience in a public cloud environment
- Excellent written and oral communication skills
- Experience planning, researching, and developing security policies, standards, and procedures.
- Familiarity with Security technologies including Web vulnerability scanning, system integrity monitoring, API Security, Cloud Security, etc.
- Awareness of common attack techniques and their remediation/defence including DoS, DDoS, Social engineering, Virus, Malware, Vulnerability exploitation, Phishing & Spear Phishing, Worms, Trojans, Rootkits, Ransomware, XSS, SQL Injection, Remote Command Execution, Session Hijacking, etc.
- An understanding of security protocols, cryptography, authentication, authorisation, and network security implementations
- Good understanding of Application Programming Interfaces, dependencies, authentication, and execution
- Ability to conduct post-mortem on security incidents and/or take post-mortem data to drive uplift in policies, procedures, standards.
- Cloud and/or DevOps certifications
- Experience working closely with governance, risk, compliance, and audit functions.
- Experience in working successfully in a high matrix organisation.
- Experience of patterns, reviews and design decisions that will impact cyber security across Digital Assets
- Familiarity working in and with DevOps teams.
- Familiarity with Security technologies including Vulnerability scanning, system integrity monitoring, Penetration Testing, etc
- Experience firewalls, content filtering, vulnerability management tools and platforms (Qualys, Tanium, etc.)
Hireline