Project Overview:

The Client is one of the largest financial institutions in the Kingdom of Saudi Arabia and the Middle East.
Established in 1957, the Bank aims to be the most innovative and trusted financial solutions partner for its clients. The Bank provides a comprehensive range of products and services fully compliant with the Islamic Sharia’ to meet the needs of both retail and corporate customers, including small and medium-size enterprises. As well, it plays a leading role in various areas of finance and investment around Saudi Arabia, that is why we are distinguished as a leading financier and arranger of syndicated loans in the oil, petrochemicals, and most of the Kingdom’s notable infrastructure projects.

The project aims to develop a fully digitalized, easy-to-use ecosystem that supports the customer across the home buying journey. The features include :

  • Search for properties on partner portals;
  • Integrated eligibility checks with all relevant entities;
  • Apply and receive instant in-principle approval;
  • Initiate application through integrated broker partner;
  • Get additional post-sales support including Furnishing, designing…etc;
  • Plan repayment and request for house maintenance support.
Рекрутер
Дмитро Поляков
Responsibilities:

In this role, you will be responsible for developing and implementing logical and scalable REST based web API using the micro-services architecture. You should have strong understanding of the micro services principles and choice of correct strategy to build up services for the next decade. You will be keeping the security as one of the key acceptance criteria of your deliverables. You will also be responsible for profiling and improving performance and documenting the codebase. You should be able to foresee the potential issues coming in future due to load and performance and make account for that in your technical design.

Description:
The resources would work on multiple initiatives on the bank during the security testing phase and get the pentation test activity completed before the initiatives goes live. Penetration test would include conducting authorized attempts to penetrate computer systems or networks using realistic threat techniques, to evaluate their security and detect potential vulnerabilities. Mainly Identifies, penetration , document and communication cybersecurity logical and technical gaps and propose recommendation that is aligned with the bank environment .

Key Responsibilities:

  • Conduct or support authorized penetration testing of infrastructure and related information assets;
  • Gather information about network topography and usage through technical analysis and open source research and document findings;
  • Conduct network scouting and analyses vulnerabilities of systems within a network;
  • Identify methods that attackers could use to exploit system and network vulnerabilities and continuously research and study security threats and attack vectors;
  • Make recommendations to enable effective remediation of vulnerabilities and cyber security gaps identified;
  • Provide stakeholders with actionable recommendations derived from attack scenarios testing and findings;
  • Include business considerations in security strategies and recommendations;
  • Make recommendations to management to make mitigation and correction measures or accept risks when security deficiencies are identified during testing;
  • Carry out vulnerability scanning on systems and both external and internal information assets;
  • Report penetration testing and vulnerability assessment findings including risk level, proposed mitigation and details necessary to reproduce the test results;
  • Conduct remote testing of a network to expose weaknesses in security defense measures or externally exposed systems;
  • Plan and create penetration methods, scripts and tests as required for the scoped system under penetration test activity;
  • Present test findings, risks and conclusions to technical and non-technical audiences;
  • Explain business impact of vulnerabilities identified through testing to make case for addressing them;
  • Test for vulnerabilities in web applications, client applications and standard applications;
  • Identify foreign language terminology within computer programs (e.g., comments, variable names);
  • Research current technology to understand cyber defense capability required by systems or networks;
  • Provide timely notice of imminent or hostile intentions or activities as result of a vulnerability which may impact the organization's objectives, resources, or capabilities;
  • Ensure penetration testing is carried out when required for new or updated applications;
  • Conduct trial runs of programs and software applications to ensure that the desired information is produced, and instructions and security levels are correct;
  • Coordinate with other cyber defense staff to validate network alerts and provide expert technical support to resolve cyber defense incidents.

Qualifications & Experience:

  • Bachelor’s degree in Computer Science or Information Technology preferably at a post-graduate level;
  • Related fields certification OSCP , CREST , GXPEN;
  • 3-5 years of relevant experience in information security and penetration test.

Тебе також можуть зацікавити

Чому варто приєднатись до команди INTELLIAS

У нас ти знайдеш доброзичливе середовище та можливості навчатися й зростати щодня.

Можливості релокації в INTELLIAS

Отримуй новий досвід та відкривай нові горизонти, знаходячись лише в декількох годинах подорожі…

Підтримка здоров’я та спорту

Ми докладаємо максимум зусиль, щоб забезпечити комфортні умови для консультантів компанії, та піклуємося…

Як стати частиною команди INTELLIAS

Ми робимо все можливе, щоб спростити та прискорити твій шлях до нашої команди. Будемо раді бачити тебе...