Senior IT Security Analyst

This role will be responsible for ensuring the company’s IT Infrastructure and sensitive information are protected in a secured manner. This role focuses on ensuring the company’s digital assets are protected securely and will play an important role in driving Information & Cyber Security transformation of the organization. You must have experience in Reverse Engineering and Malware Analysis.

Key Results Area

• Assist in maturing Vulnerability Assessment and Security Testing process of the organization. • Analyze and dissect malware samples to understand their behavior, functionality, and propagation methods, enabling effective threat mitigation strategies. • Provide timely support during security incidents by conducting rapid analysis of suspicious files, network traffic, and system logs to aid in containment and remediation efforts. • Support in developing the IT Security and Compliance program of the organization, tracking the progress and coordination between stakeholders and counterparts. • Assess the security exposure of the organization’s Digital Assets including, but not limited to, the organization’s sensitive information, systems and products. • Involve Security Monitoring and Incident Handling, Threat Hunting.

Job Description

• Conduct in-depth analysis of software binaries, firmware, and network traffic to identify security vulnerabilities, weaknesses, and potential attack vectors. • Analyze malware samples to understand their behavior, functionality, and propagation methods. • Develop and maintain in-house sandbox environments for malware analysis. • Analyze Android and iOS applications to uncover vulnerabilities, malicious code, and potential threats. • Stay updated with IT Security industry trends and assess relevance to the organization. • Keep up with the latest vulnerabilities and malware outbreaks proactively. • Develop and maintain custom tools and scripts for reverse engineering and malware analysis. • Document findings, analysis results, and recommendations in clear and concise reports • Develop and maintain metrics to measure the effectiveness of security controls • Work closely with other members of the cybersecurity team to develop and implement effective mitigation strategies for identified vulnerabilities • Provide technical expertise and guidance to other members of the cybersecurity team on emerging threats, vulnerabilities, and attack techniques and advise proactive controls upon business impact assessment • Collaborate with other teams within the organization to enhance security awareness, response, and resilience. • Perform threat hunting activities based on realistic industrial hypothesis • Respond proactively in Security Incident Response from detection to closure. Perform post-mortem on security breaches and incidents to identify the root cause and preventive actions • Conduct Security Assessments and Testing through vulnerability testing and risk analysis of Wave Money’s IT Infrastructure, sensitive information, products, and digital assets • Keep tracking on latest threat trends and advise proactive controls upon business impact assessment. • Verify the security of third-party vendors and collaborate with them to meet security requirements. • Contribute to team by accomplishing related results as needed.

Job Requirements • 3 years of work experience as a Security Analyst or similar role • Bachelor’s Degree or Higher in Computer Science or Technology; OSED, eCMAP and/or CREST certifications holders • Must have experience in Computer Forensics and Reverse Engineering • Strong understanding of assembly language (x86/x64, ARM) and low-level system internals. • Proficiency in reverse engineering tools such as IDA Pro, Ghidra, Frida or similar. • Knowledge of common security vulnerabilities and exploitation techniques. • Proven working experience of IT Compliance, Information and Cyber Security on on-prem, private cloud and public cloud environments. • Strong communication skills with the ability to explain findings and recommendations. • Ability to track vulnerability advisories and remediation status. • Strong working experience with SecOps Tools and Commercial Security Testing Tools • Previous working experience in Security Testing, Reverse Engineering, Malware Analysis, Secure Architecture review and/or Security audit. • Relevant experience in a Financial Institution will be a plus.