Experienced Ethical Hacker
FULL OR PART TIME POSITION
Work Location: Reykjavík, Iceland / Remote GMT hours
Deadline: until filled
SecureIT is growing and we are looking for a new colleague, a systems thinker experienced in ethical hacking, to join our Offensive Security team to take these next exciting steps with us!
At SecureIT, Ethical Hackers don’t own or pwn – they strategically, analytically – and most importantly – offensively use knowledge and skills to test our customers systems to reveal vulnerabilities in security posture and recommend remediating actions.
Our offensive security team handles a variety of engagements, including internal, external and web application pentests, threat intelligence, vulnerability management and phishing attack simulations.
We are looking for people that are passionate for the future of security, especially those that are not currently a dominating part of tech culture.
Duties and Responsibilities:
- Design and conduct tests to break into security protected networks, applications, computer systems and web-based applications to look for vulnerabilities
- Set up and maintain critical Offensive Security Infrastructure
- Conduct physical security assessments of server systems and network device security
- Perform E.H. audits: conduct security and network audits to evaluate how well an organizations system conforms to a set of established criteria
- Analyze IT and infrastructure policies for effectiveness, make suggestions for improvements and to work to enhance methodological material
- Write security assessment reports: document findings, write security reports and actively participate in IT and management teams meetings with our customers on solutions and recommendations
- Conduct offensive security operations on customer systems and services, including internal- and external pentests, web application pentests, PCI and segmentation pentests, and phishing attack simulations
- Conduct physical security assessments on customer premises that are designed to test resilience against attacks such as unauthorized access to secured locations, removal of property and planting of rogue devices
- Write security assessment reports that clearly document findings and impact of vulnerabilities on the customer’s security posture, in addition to participating in presentation of results to customer’s management and IT teams
- Participate in setup and maintenance of our offensive security infrastructure
- Cooperate with the whole team on consultation and security evaluation projects for our customers
Education and Qualifications:
- 7 years of experience in ethical hacking
- Relevant Degree in Ethical Hacking or Offensive Security related
At SecureIT we value diversity and inclusion in our people, work and environments. We believe that a healthy work environment and an inclusive culture needs to be a clearly defined goal that we strive for every day. In doing so, we create a place of work where our people thrive and customer satisfaction becomes an integral part of doing business.
We are looking for people that are passionate for the future of security, especially those that are not currently a dominating part of tech culture.
If you have any questions please email us here.
Information Security & Compliance Genius
FULL OR PART TIME POSITION
Work Location: Reykjavík, Iceland / Remote GMT hours
Deadline: Until filled
SecureIT is a growing company looking for a great colleague to join our Security & Compliance team!
At SecureIT a Security & Compliance Consultant provides analytical and hand-on consultancy services to our customers.
We work in strong partnerships with our customers within the fields of holistic and offensive security, audits and compliance to name a few.
At SecureIT, a Cyber Security & Compliance Consultant works within our Risk and Compliance Department on a number of different task related to; information security, virtual CISO’ing, performing assessments, audit preparedness tasks as well as audits for our customers in known standards such as PCI, ISO27k, FSA (FME), PCI, Directorate of Health etc.
SecureIT also certifies companies in standards such as HITRUST, ISO27k, PCI, FSA, NIST and are consultants that are familiar with and have performed such audits.
We are looking for people that are passionate for the future of security, especially those that are not currently a dominating part of tech culture.
Duties and Responsibilities:
- Perform information assurance assessments including FSA audit, SWIFT, and others
- Perform and lead ISO27k, FSA, SWIFT, PCI and other audits relating to information assurance
- Input and review of other audits and assessments undertaken by SecureIT staff
- Assist with updating or creating a business continuity management program and testing of business continuity plans
- Providing consultation and improvements on ISMS, aligning business requirements, security requirements, and compliance requirements to standards and regulations
- Virtual CISO - support customers as a virtual CISO through security best practices, architecture, reviews, audits as needed.
- Provide consultation within GDPR and information security
Education and Qualifications:
- 3-5 years of experience in a relevant risk, information technology or security field
- Relevant education or certification such as a BSI ISO 27001 Lead Auditor, PCI or GDPR certification
At SecureIT we value diversity and inclusion in our people, work and environments. We believe that a healthy work environment and an inclusive culture needs to be a clearly defined goal that we strive for every day. In doing so, we create a place of work where our people thrive and customer satisfaction becomes an integral part of doing business.
We are looking for people that are passionate for the future of security, especially those that are not currently a dominating part of tech culture.
If you have any questions please email us here.