SECURITY ENGINEER - ANALYST
Since 1993, Netcracker Technology has been developing and implementing unique IT solutions for more than 250 customers worldwide, mostly telecom providers. We create dozens of innovative products and lead the global market of BSS/OSS solutions ready to be used in the cloud environment. Our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the cloud's opportunities, virtualization, and the changing mobile ecosystem.
Why join our team:
• Work on design, development, and customization of mission-critical solutions to world-leading telecom companies
• Implement and support innovative technologies such as 5G, eSIM, Internet access by satellites in low Earth orbit, IoT, etc.
• Get unlimited opportunities for professional and career development in a global company
What we are looking for:
We are looking for security analysts to join our international Application security team and take leading roles in building of mature and protected solutions for Telco. The primary focus will be at security design and verification of NC solutions in alignment with customer requirements, Netcracker best practices and industry security standards. Working with Netcracker solutions that process personal and other sensitive data in various functional domains like customer self-service portals, CRM, Service Fulfillment, payment portals, telecom billing and Cloud solutions. A successful candidate will be involved into activities ranging from security design reviews and threat modelling to security hardening and security acceptance.
What you’ll do:
- Manage security requirements for Netcracker software solutions;
- Risk, threat and Vulnerability assessment of enterprise applications;
- Access control matrix design;
- Security acceptance planning and control. Including prioritization of SAST, DAST and manual pen test issues using CVSS v3, composing and presentation of a report;
- Working closely with all the stakeholders for implementation of security standards and process;
- Security documentation development and support;
- Participate in improvements of security tools and processes;
- Share security knowledge across the organization.
Background and Skills:
- BE in Comp/E&T, IT or related area , IT Security specialization , MCA or higher degree;
- 4+ year experience in Security or Secure software development is added advantage;
- 4+ years in system analysis (e.g. IT, business processes, consulting ...);
- Good understanding of general security concepts including: threat, vulnerability, risk, segregation of duties, need to know principle, CIA, access control policy types, cryptography concepts and practical implementations;
- Excellent verbal and written communication. Strong analytical skills and ability to dive into technical;
- Knowledge of security industry standards and laws - GDPR, PCI-DSS, NIST 800, ISO 27000, OWASP;
- Knowledge of infrastructure security tools (FW, IPS, SIEM, etc) is an advantage;
- Threat or business modelling methodology is an advantage.
Experience we are interested in:
- OWASP, CEH (Certified Ethical Hacker), Burp, Nessus, Qualys, IBM AppScan, SAST/DAST;
- Security engineers/developers. Create security services. Cryptography (RSA, DES, AES), OAuth 2.0, Open ID, SSO, Kerberos;
- Security analyst. Risk assessment, threat modelling, policy development, access control design.
• Competitive salary
• Medical insurance
• More than 300 hard and soft-skills programs by the corporate career development center
• Open environment and encouraging knowledge sharing culture
• Opportunity to practice foreign languages daily
• Flexible working hours and an opportunity to work remotely