RecruitGibraltar are currently recruiting for a Vulnerability Analyst to join a leading online betting and gaming company, with a strong track record of digital innovation. As a pure online business with a mobile first ethos that brings the excitement of sports betting, casino games, poker and bingo to a rapidly growing number of customers in the leisure betting and gaming market; they have sustained rapid growth over the last few years and are expanding further.
What is the plan for the Vulnerability Analyst role?
This role works closely with teams across the group to identify and correct security vulnerabilities, ensuring that systems and devices are properly maintained in order to reduce the possibilities of malicious actors to compromise them. In addition, it will keep probing the company’s infrastructure to detect flaws that will affect our security posture.
The role takes a hands-on approach to identify any known flaws on our current infrastructure and applications and develop the technical designs to mitigate them.
What will you do as a Vulnerability Analyst ?
Operate vulnerability management infrastructure
Oversee external security testing providers
Execute security tests against the organization's applications
Review, Track and mitigate identified vulnerabilities
Follow-up on identified issues until bringing them to closure
Monitor the patch level of the company servers and devices
Stay up to date with new vulnerabilities being disclosed that affect our state
Develop/Adapt exploits to prove the criticality of disclosed vulnerabilities against our systems
Regularly undergo red teaming activities to test and evaluate the effectiveness of security policies and controls
Investigate attack trends that might affect our organization
Make sure the company is meeting all the regulatory requirements in terms of vulnerability assessments
What do you know that makes you a great Vulnerability Analyst ?
The role requires a team player with strong technical foundations, hands-on information security skills, attention to detail and good problem solving skills.
At least one year experience in a similar Information Security position
Vulnerability research and exploitation skills
Experience in security assessments
Experience developing security tools and open source projects
Attention to detail and good problem solving skills
Red team experience
Outstanding knowledge of the technical foundations behind networking, operating systems and applications
Other networking protocols
Good understanding of Information Security processes and theory
Good communication skills and customer-facing experience
Experience in the following areas:
Traffic and packet analysis
Security Certification (GIAC, OSCP, etc.) or similar qualification
Experience integrating assessment results with SIM tools
Online Gaming security experience
Experience in forensic analysis
Experience securing Microsoft protocols
Regulatory and industry standards work: ISO27001, PCI-DSS, etc.
Other relevant professional qualifications will be considered, although not a requirement, e.g. CISA, CISM, CISSP, GIAC, etc.
Salary based on experience with bonus & an excellent relocation and benefits package.