Senior IT Security Analyst ( Reverse Engineering and Malware Analysis)

Position Summary

IT Security Analyst will be responsible for ensuring the companys IT Infrastructure and sensitive information are protected in a secured manner. This role focuses on ensuring the companys digital assets are protected securely and will play an important role in driving Information & Cyber Security transformation of the organization.

Key Results Area

• Assist in maturing Vulnerability Assessment and Security Testing process of the organization.
• Analyze and dissect malware samples to understand their behavior, functionality, and propagation methods, enabling effective threat mitigation strategies.
• Provide timely support during security incidents by conducting rapid analysis of suspicious files, network traffic, and system logs to aid in containment and remediation efforts.
• Support in developing the IT Security and Compliance program of the organization, tracking the progress and coordination between stakeholders and counterparts.
• Assess the security exposure of the organizations Digital Assets including, but not limited to, the organizations sensitive information, systems and products. 
• Involve Security Monitoring and Incident Handling, Threat Hunting

Job Description

• Conduct in-depth analysis of software binaries, firmware, and network traffic to identify security vulnerabilities, weaknesses, and potential attack vectors.
• Analyze malware samples to understand their behavior, functionality, and propagation methods.
• Develop and maintain in-house sandbox environments for malware analysis.
• Analyze Android and iOS applications to uncover vulnerabilities, malicious code, and potential
  threats.
• Stay updated with IT Security industry trends and assess relevance to the organization.
• Keep up with the latest vulnerabilities and malware outbreaks proactively.
• Develop and maintain custom tools and scripts for reverse engineering and malware analysis.
• Document findings, analysis results, and recommendations in clear and concise reports
• Develop and maintain metrics to measure the effectiveness of security controls
• Work closely with other members of the cybersecurity team to develop and implement effective mitigation strategies for identified vulnerabilities
• Provide technical expertise and guidance to other members of the cybersecurity team on emerging threats, vulnerabilities, and attack techniques and advise proactive controls upon business impact assessment
• Collaborate with other teams within the organization to enhance security awareness, response, and resilience.
• Perform threat hunting activities based on realistic industrial hypothesis
• Respond proactively in Security Incident Response from detection to closure. Perform post mortem on security breaches and incidents to identify the root cause and preventive actions
• Conduct Security Assessments and Testing through vulnerability testing and risk analysis of the company.
• IT Infrastructure, sensitive information, products, and digital assets
• Keep tracking on latest threat trends and advise proactive controls upon business impact assessment.
• Verify the security of third-party vendors and collaborate with them to meet security requirements.
• Contribute to team by accomplishing related results as needed

Job Requirements

• 5 years experience as a Security Analyst or similar role
• Bachelors Degree or Higher in Computer Science or Technology; OSED, eCMAP and/or CREST certifications certifications holders
• Ethical Hacking, Intrusion Prevention, Incident Response, Computer Forensics, Reverse Engineering
• Strong understanding of assembly language (x86/x64, ARM) and low-level system internals.
• Proficiency in reverse engineering tools such as IDA Pro, Ghidra, Frida or similar.
• Knowledge of common security vulnerabilities and exploitation techniques.
• Proven working experience of IT Compliance, Information and Cyber Security on on-prem, private cloud and public cloud environments.
• Strong communication skills with the ability to explain findings and recommendations.
• Ability to track vulnerability advisories and remediation status.
• Strong working experience with SecOps Tools and Commercial Security Testing Tools
• Previous working experience in Security Testing, Reverse Engineering, Malware Analysis, Secure Architecture review and/or Security audit.
• Relevant experience in a Financial Institution will be a plus.
• Language Requirement: English (written and verbal)