Senior CyberSecurity Assurance Analyst Emirates Airlines Dubai

Full time @Emirates Airlines posted 4 weeks ago in Airlines
  • Dubai, United Arab Emirates, Garhoud Area opposite to Airport Terminal 3, Dubai, AE View on Map
  • Post Date : February 23, 2025
  • Apply Before : April 23, 2025
  • Salary: د.إ15,000.0 - د.إ25,000.0 / Monthly
  • 0 Application(s)
  • View(s) 63
Email Job

Job Detail

  • Job ID 36402
  • Career Level  Senior
  • Experience  5-9 Years
  • Gender  Male Female 
advertisements

Job Description

As a Senior CyberSecurity Assurance Analyst in the Cyber Assurance team, you will develop, implement, lead and continuously improve the security verification and testing processes consisting of but not limited to risk assessments, compliance reviews, vulnerability assessments and penetration tests based on industry best practices and as defined by the assurance. Collaborate with the team in developing the assurance program on an ongoing basis to incorporate industry best practices and offensive and defensive attack techniques.

In this role you will:

  • Represent cybersecurity assurance capabilities within the agile process as well as drive Cybersecurity best practices across the Emirates Group by executing in-depth automated and manual discovery of security vulnerabilities in web applications, mobile applications, web services and client-server applications and associated infrastructure.
  • Research, recommend and implement formal methodologies and tools for conducting technical cybersecurity risk assessments, reviews and investigations. Perform impact analysis to achieve the security-by-design objective.
  • Monitor and continuously review the Emirates Group systems on an ongoing basis, in compliance with the Emirates Group Cybersecurity Policies, principles and standards. Initiate corrective actions in the event of any violations to aid effective risk-based decision-making supported with data.
  • Plan and schedule regular vulnerability assessments, penetration tests, technical risk assessments and compliance reviews on the Groups key IT infrastructure components and applications based on the criticality and perceived risk of the applications/services.
  • Ensure all the identified security weaknesses and risks are managed through their life cycle via product backlogs. To ensure development teams have a clear prioritization or can triage issues on a timely basis by providing knowledge transfer to the agile teams using meetings, walkthroughs, technical discussions, etc.
  • Develop documentation and a knowledge base to be used by developers for implementing secure coding practices. And provide recommendations for missing application and infrastructure security controls to facilitate a secure design culture.
  • Provide necessary knowledge transfer of the vulnerabilities found during the assessments. To the software engineering teams using meetings, walkthroughs, technical discussions etc. For implementing appropriate security fixes.
  • Collaborate with development teams on improving security by offering design reviews, threat modelling, awareness, training, new tooling and expert review.
  • Create tools, scripts, and automation to make the vulnerability discovery and vulnerability management process more consistent, and repeatable and increase efficiency.

Qualifications & Experience

Qualification:
  • Degree or Honours (12+3 or equivalent) in a relevant field such as Computer Science, Computational Mathematics, Computer, Engineering or Software Engineering.
  • 5+ years in IT Security related industry with recognized certification such as CISSP, CISA, CISM, GIAC certification, CEH etc.
Knowledge & Skills Required:
  • Strong understanding of network protocols, system architectures and related security technologies.
  • Extensive experience in technical risk assessments and providing risk mitigation recommendations.
  • Excellent communication skills for conveying complex security issues to diverse stakeholders.
  • Strong fundamentals of OS, Network devices, databases and programming Concepts.
  • Proficient in using and implementing open-source and commercial tools for applications, mobile, and thick client security testing.
  • Experience building tools and automation to discover vulnerabilities at scale.
  • Knowledge of reviewing mobile and web-based security design, security implementation and review.
  • Penetration Tester (GWAPT), and Certified Information Systems Security Professional (CISSP).
  • Deep technical knowledge of browser security controls such as SOP, CSP, XFO, HSTS, etc
  • Strong skills in running vulnerability discovery and vulnerability management processes.
  • Experience in auditing designs of technical implementation of infrastructure security components.

Senior Travel Consultant Emirates Airlines Abu Dhabi

Other jobs you may like

 
Required 'Candidate' login to applying this job. Click here to logout And try again
 

Download our Android App

To Apply for Jobs, For Interview Calls, and Short listing, Download our android app

Download
 
 
 

Apply for this Job

  • Drop a resume file or click to upload.
    To upload file size is (Max 5Mb) and allowed file types are (.doc, .docx, .pdf)
    or
    Upload Resume

  • By clicking checkbox, you agree to our Terms and Conditions and Privacy Policy

 

Account Activation

Before you can login, you must activate your account with the code sent to your email address. If you did not receive this email, please check your junk/spam folder. Click here to resend the activation email. If you entered an incorrect email address, you will need to re-register with the correct email address.