Cyber Security Engineering Job at Cytonn
Cytonn Technologies (CT) is the Technology affiliate of Cytonn Investments, an alternative investments management firm with offices in Nairobi – Kenya and the D.C. Metro Area in the US. Cytonn Technologies is a respected technology solutions provider that offers innovative, differentiated and efficient technology products and support, web-based solutions and integrated business solutions.
To manage our growing Technology needs, the firm is inviting applications from talented Cyber Security Engineers to join its competitive team of engineers in Cytonn Technologies.
The successful candidate will have an opportunity to participate in our share ownership plan.
Cyber Security Engineering Job Responsibilities
- Cyber Threat Engineer will work on all systems and/or projects within the organization responsible for providing Cyber Security Threat detection utilizing network and host based Computer Security tools, appliances and end point products
- Perform static code analysis (SCA) on applications to identify vulnerabilities and report to software engineers for fixing
- Set up and monitor applications for intrusion detection and protect applications against common vulnerabilities
- Secure application infrastructure (servers and databases) against intrusion, ensuring they’re regularly patched against known vulnerabilities
- Manage vulnerability reporting in all applications and systems, including open source software that the applications run on
- Perform analysis of all security systems log files, review and keep track of triggered events, research current and future cyber threats, reconcile correlated cyber security events, develop and modify new and current cyber security correlation rule sets, and operate security equipment and technology
- Document security incidents as identified in the incident response rules and escalate to management as required
- Monitor key security infrastructure elements, identify security events, perform analysis, and initiate response activities
- Perform packet analysis by identifying malformed packets and the payload of the packet
- Integrate security products, including designs for all organizational networks as well as designing, engineering, planning, integrating, configuring, testing and deploying
- Maintain system baselines and configuration management items, including security event monitoring “policies” in a manner determined by the program management
- Provide documentation and interaction with other analysts and Operations and Maintenance personnel to ensure a complete and functioning system that meets requirements
- Perform software testing (patches, other updates)
- Troubleshoot OSI layer and TCP/IP related problems
- Develop automation scripts to handle and track incidents.
- Any other duties as may be assigned from time to time
Requirements for the Cyber Security Engineering Job
- Bachelor’s degree in Computer Science, Information Systems or specialized training/certification. Or equivalent work experience.
- Typically requires 1 or more year of related technical experience.
- Experience in application security, preferably a software security role
- Expertise with browser security controls (CSP, XFO, HSTS), web application security topics such as OWASP
- Top 10, and authentication infrastructure (SAML, OAUTH)
- Knowledgeable with back end security topics such as secret management and service authentication
- Experience building tools and processes to reliably identify security issues such as SQL injection, XSS, CSRF, and business logic flaws across large code bases
- Experience supporting a major system.
- Good understanding of IT and Risk Management Framework a plus. Certified Information Systems Security
- Professional (CISSP)
- Expert skills in data analysis and data mining.
- Must be well versed in Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks
- Experience leading teams
- Should be good in intrusion prevention and detection systems and configuring them in firewalls.
- Should be good in network design and development and network hardening to avert security threats.
How to Apply