Job opportunity in Evamp & Saanga:
Review software changes and state their impact on certain programs in the system Assess vulnerabilities and work with developers to fix them
• Participates in the organization’s disaster recovery, business continuity, and incident response plans for information systems
• Promotes activities to foster information security awareness within the organization
• Participates in internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies (i.e. directory services, database platforms, web services, firewalls, remote access, etc)
• Works with information security management to administer, maintain, and continuously improve internal controls and compliance programs, investigate known or suspected security incidents, support internal and external audits.
• Ensure reports and findings are delivered in a timely and appropriate manner to management.
• Participate in a variety of projects while being responsible, with a team, in implementing, administering, etc. pragmatic information security controls to meet dynamic tactical and strategic information security objectives.
Information Security Certifications are desirable but not necessary Knowledge and experience of OWASP tools and methodologies · Knowledge of experience of working with penetration testing tools and techniques · Understanding of HTTP and web programming · Knowledge of common security requirements within web and mobile applications for different platforms and programming languages · Knowledge of standard SDLC practices · Ability to complete tasks and deliver professionally written reports for clients · Ability to present findings to technical staff and executives · Strong ethics and understanding of ethics in business and information security · Proficient English language written and oral communication skills
Evamp & Saanga is leading ICT solution provider and The Information Security Department serves as the process owner for all activities related to availability, integrity, and confidentiality of customer, employee, and business information in compliance with the various information security policies and procedures. The Junior Information Security Engineer will carry out the responsibilities of the position in accordance with Information Security Policies and Procedures. They will work with the Information Security Committee to ensure cooperative efforts are being made with all partners as appropriate.