Job closed
Job description / Role
Role Profile:
To manage a function within the eGroup Department to achieve business goals and objectives.
The below Key Performance Areas include but are not limited to:
Maintain information security function to ensure information assurance, support, develop and implement comprehensive information security framework.
* Manage Vulnerability assessments and penetration tests for organization's web and mobile applications, networks and infrastructures, logical security audits.
* Managing research and analysis of vulnerabilities and penetration test results.
* Review vulnerability assessment reports and suggest priorities, impact on business and analyze for any exceptions.
* Manage security assessments, provide hardening and remediation plans for Vulturized environment, OS, application servers, databases and network devices.
* Perform social engineering attacks.
* Keep updated on zero day attacks, evolving vulnerabilities and threats.
* Schedule tests and communicate with business for VAPT, retests and verification assessments.
* Review remediation plans and controls suggested in reports for closing of vulnerabilities.
* Assist security incident response activities.
* Assist in technical investigations of IS related incidents.
* Manage forensics investigations as per the requirements.
Requirements
* Post Graduate/graduate in Information Security or IT related field.
* Preferred certifications: OSCP, CEH, LPT, SANS penetration testing certifications like GPEN, GWAPT, GMOB.
* Sound experience in performing manual penetration testing: authentication bypass, injection scripting attacks and OWASP top 10 vulnerabilities.
* Experience in Vulnerability assessment and penetration testing tools like: Nexpose, Nessus, Qualys, nmap, wireshark, BSQL, BurpSuit, OWASP ZAP.
* Extensive knowledge of OWASP top 10, best practices, methodologies and architectures.
* Excellent communication skills and attention to details.
* Ability to explain vulnerabilities to executives and developers in simple and understandable format.
* Good understanding of programming languages and ability to conduct code reviews.
* Good knowledge of OSI model.
* Good understanding of Antivirus, Firewall, Intrusion Detection.
* Knowledge of forensic tools and investigative methods to find specific electronic data.
About the Company
As a leading international franchise operator, with nearly 90 of the world’s most recognised brands in its portfolio, Alshaya Group brings great shopping, dining, leisure and hospitality experiences to millions of customers across the Middle East & North Africa, Russia, Turkey, Europe and beyond.
Alshaya Group is a dynamic multinational business and family owned enterprise with a consistent record of growth and innovation. For 35 years, Alshaya has been a pioneering force in brand franchising, using its exceptional knowledge and experience to expand at pace.
Our portfolio of well-loved international brands includes Starbucks, H&M, Mothercare, Debenhams, American Eagle Outfitters, P.F. Chang’s, The Cheesecake Factory, The Body Shop, M.A.C, Victoria’s Secret, Boots, Pottery Barn, KidZania and, coming soon, Hampton by Hilton.
From one retail franchise store opened in Kuwait in 1983, Alshaya Group has consistently grown and diversified and today offers customers an unparalleled choice of brands across multiple sectors; Fashion & Footwear, Health & Beauty, Food, Optics, Pharmacy, Home Furnishings, Leisure & Entertainment, and Hotels. A diverse, skilled team of 53,000 people from 120 nationalities support more than 4,000 stores, cafes, restaurants and leisure destinations, a growing online business and a commitment to delivering great customer experiences.