דרושים

Head of Ethical Hackers Team

 

 

 

IPV Security is seeking a Team Leader of Ethical Hackers (penetration testers)

Description:

The Team Leader should be an experienced Ethical Hacker himself.

He/She will lead and be part of the Ethical Hacker team.

He/she will be someone who would conduct Manual Penetration Tests on a wide range of IT infrastructure, products, networks, devices, applications and assess the effectiveness of information security controls and tools at customers’ sites.

  • The team leader will lead internal and external security assessments and penetration tests, including mobile, wireless, network and application penetration tests.
  • Train and support junior penetration testing staff.
  • Lead penetration tests against systems of extreme complexity.
  • Write reports documenting the findings including all vulnerabilities, potential issues, and strengths found during the test.
  • Drive the discovery of new vulnerability exploitation techniques.
  • Develop new and custom techniques for various types of security assessments and penetration tests.

Qualifications

Must have a minimum experience of having executed Penetration & Resilience testing, in all of the following areas of expertise:

  • Network
  • External
  • Virtual
  • Mobile
  • Windows, Linux, Active Directory
  • AWS
  • NAC Bypass
  • Wireless enterprise environments
  • Applications and website
  • Expert knowledge of the Kali Linux suite of penetration test tools.
  • 2-4 Years of experience of being either a Team Leader or a Project Manager.
  • Professional certifications such as CEH, CPT, CISSP or equivalent.

Skills

  • Must be self-managed and able to work both autonomously and also as part of a team.
  • Be able to present plans and ideas in a concise and accurate manner.
  • Excellent verbal and writing abilities, both in Hebrew and in English.

Please send CV to nbarel@ipvsecurity.com

 

Chief Information Security officer

As Chief Information Security officer, you will guide the design, development, and deployment of secure technical architectures,

security policies, standards, and awareness programs, Monitor the effectiveness of the security program, processes, and controls in place. Evaluate cyber risk investments. partner with the business to align business and information security strategies, and capture the value of security investments to safeguard enterprise assets. Understand the implications of new or emerging threats, identify cyber risks that arise as the business advances new strategies. drive the enterprise to continuously improve its security decision-making and risk mitigation capabilities

 Responsibilities:

  • Develop, implement and monitor enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization
  • Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices
  • Develop and enhance an information security management framework based on common standards such as ISO 2700X, NIST, GDPR. And Data Privacy
  • Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals
  • Develop ongoing security controls
  • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security
  • Facilitate information security governance, including the formation of an information security steering committee or advisory board
  • Evaluate, Architect, design, implement and support security-focused tools and services including project leadership roles
  • Evaluate and recommend new and emerging security products and technologies
  • Participate in incident handling
  • Audit the affectivity and implementation of information security controls

Qualifications:

  • Excellent communication and project management skills a must
  • Demonstrated leadership skills with the ability to work independently and collaboratively across various levels
  • 3 + years of experience working with security controls across security domains such as access management, encryption methods, vulnerability management, network and endpoint security, etc.
  • 2 + years as a CISO or Information security team leader
  • Experience in developing information security policies and procedures
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST
  • Professional security management certification, such as a CISO, CISSP, CISM, CISA
  • Have an ardent desire to learn continually and grow professionally
  • Security consulting experience or related professional services/consulting background strongly preferred
  • Fluent with English and Hebrew speaking, reading and writing

 Please send CV to: nbarel@ipvsecurity.com