Major Tasks and Responsibilities

• Conducts internal Penetration testing exercises on a regular basis.
• Identifies applications/systems/networks that do deviate from acceptable configurations and regulatory requirements.
• Measures the effectiveness of Defense-in-Depth (DiD) architecture against known vulnerabilities.
• Conducts required security views as appropriate within the TMT environment.
• Manages and operates patch management tools.
• Develops checklists/ playbooks for mitigating common vulnerabilities.
• Performs technical (evaluation of technology) and non-technical (operations) risk and vulnerability assessments of relevant technology focus areas (e.g., Telco, local computing environment, network and infrastructure, supporting infrastructure, and applications)
• Conducts technical reviews of continuous audit and vulnerability assessment data and collaborates with stakeholders to inform prioritized patch management based on risk and impact.
• Performs quality inspections and walkthroughs throughout the SDLC, including requirements review, architecture review, design review, code review, and security review to ensure compliance with TNM standards.

Educational and Professional Requirements

• Minimum of B.Sc. Degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent.
• Sound knowledge of OWASP Web and Mobile top 10 vulnerabilities.
• Advanced knowledge of ethical hacking principles and techniques.
• Accurate knowledge of network protocols.
• Minimum of 2 years work experience in a related field.