Security Technician: Technical support for administration, operation, and security management.

Description

Job Summary: We are seeking a Senior Security Technician to manage and conduct security audits, resolve incidents, and design cybersecurity architectures. Key Highlights: 1. Experience in black-box and gray-box security audits (OWASP) 2. Design and construction of security architectures 3. Management of penetration testing and resolution of technical queries DESCRIPTION Technical Support for Security Management: 'Senior Security Technician' Management and execution of security technique audits * Experience in black-box and gray-box audits based on the OWASP methodology. * Experience in incident and vulnerability resolution * Collection and preparation of information for use in security incident analysis or as a basis for decision-making. * Design and construction of architectures for identification, detection, and mitigation of attacks against information security. * Collaboration in defining, implementing, and monitoring training and awareness plans. Delivery and instruction of information security courses, brochures, micro-modules, etc. * Management and execution of system integrations, communication devices, and the Ministry’s security systems with services from the AGE’s COCS. * Development of technical security procedures and instructions for the Ministry’s Infrastructure area. * Management and execution of penetration testing * Resolution of technical security queries for the Ministry * Collaboration with other SGITS units (Communications, Systems, Development, etc.) to carry out assigned service tasks. * Experience and knowledge of hardening for .NET, J2EE, Windows (Active Directory & SCCM/MECM), Unix, and Linux architectures. Working Hours: 9:00 a.m. to 6:00 p.m. On-Call Duty: On call. 1 week per month. REQUIREMENTS Bachelor’s degree, Licentiate degree, Higher Engineering degree, or equivalent. Management and execution of security technique audits Experience in black-box and gray-box audits on systems and applications based on the OWASP methodology. * Experience in incident and vulnerability resolution. * Experience and knowledge of hardening for .NET, J2EE, Windows (Active Directory & SCCM/MECM), Unix, and Linux architectures. * Administration of tools commonly used in vulnerability analysis (OWASP ZAP Proxy, Burp Suite, SOAP UI, Nessus, etc.); as well as querying repositories and managing alerts (MITRE CVE/CWE). * Use of cybersecurity tools and solutions from the National Cryptologic Center (CCN): ANA, LUCÍA, MARTA, and microCLAUDIA. * Certifications or qualifications in cybersecurity issued by authorized organizations will be valued: * SANS (GISF, GCED, GDSA, etc). * (ISC)² (CISSP, ISSAP, ISSEP, ISSMP, etc). * EC-Council (ECSS, CEH, APT, CND). * (ISC)² (CCSP). * Microsoft (MTA: Security Fundamentals) * CompTIA (Security+, PenTest+, CySA+)