We prioritize growth. Join us.
Job Openings: Apply Now!
AWS Cloud Security Architect
The AWS cloud security architect will lead the design and development of the AWS security architectures for protecting PII/PCI data deployed into different types of cloud and cloud/hybrid systems. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around cloud -based applications, across all types of IAAS/PAAS /SAAS.
- Familiarity with compliance & security standards across the enterprise IT landscape
- Deep understanding of enterprise risk management methods and techniques
- Proven experience building security reference architecture for all-in cloud deployments and hybrid scenarios
- Good understanding and working knowledge on AWS identity & Access management tools such as IAM, SSO, Cognito, AWS organization, AWS Directory services etc
- Good understanding and working knowledge on AWS Security tools such as Security hub, Guard duty, Inspector, AWS Config and Cloud trail.
- Good understanding and working knowledge on AWS Data protection tools such as AWS KMS, Cloud HSM, AWS Certificate manager and Amazon Macie
- Good understanding and working knowledge on AWS infrastructure protection tools such as AWS WAF, Shield and AWS Firewall manager.
- Significant technical expertise in cloud computing technologies, scripting languages (Python, RoR etc) integrating 3rd party monitoring tools, encryption tools and best practices and forensics
- Working knowledge of cloud computing technologies and workload transition challenges
- Demonstrated ability to think strategically about business, product, and technical challenges
- Experience building enterprise security strategy for driving the programs evolution to meet new requirements
- An understanding of secure internet protocols and AWS mechanisms to implement them
- The ability to make tradeoff decisions with regard to cost, security and deployment complexity given a set of application requirements
- Good understanding of security operations and risk management.
- Good understandings of security controls for workloads on AWS.
- Good understanding of design and implement a scalable authorization and authentication systems to access AWS resources
- Working knowledge on design and implement a secure network infrastructure
- Hands-on technical expertise in Security architecture, automation, integration and deployment ( Devops)
Blockchain SpecialistJob Duties:
The blockchain specialist should be highly skilled in blockchain technology and can develop blockchain-based solutions along with its integration for business purposes. Brainstorm and help evaluate applications for new tools and technologies as they continually evolve. Be involved in the global blockchain community—work on implementing and integrating the latest improvement proposals.
What we are looking for:
- Have Technical Conscience to Define the Right Blockchain Solution
- Expert in Modern Programming Languages
- Be Able to Develop and Design Blockchain-Based Software Systems
- Knowledge of Blockchain Infrastructure Configuration , Integration and Development
- Be Able to Develop and Test Smart Contracts
- A Master of Blockchain Nodes
- Be Proficient in Cryptography
- Experienced with Software Development Lifecycle
- Ability to Formulate New Business Models Based on Blockchain
- Expert in Integrating Blockchain Into Business Networks
- Have Technical Knowledge on Interoperability
- Understand Decentralized and Distributed Ledgers
- Be Proficient with Enterprise Business Processes
- Be Able to Simplify Blockchain Solutions
- Technical Knowledge of Standards and Ecosystems
- Have an Enterprise Blockchain Certification
- Solid Knowledge about the Blockchain DevOps Tools
- Able to Dissect Blockchain Architectures
IT Degree holder or relevant courses related to BlockChain.
Years of Experience:
Minimum 5 years of work experience
Cloud Security Consultant
Cloud Security Consultant shall be, responsible for ensuring the information security compliance requirements for the bank wide digital implementations.
· To work on Bank’s Digital and Cloud Security Framework
· Review Security Architecture around implementation of API as micro services, Digital components using
Cloud functions For the Cloud workloads, Perform Cloud Security Assessments as per AWS, Azure Security Standards of the company.
· Ensure continuous security compliance for developments over the CI-CD pipeline
· Apply in review various Regulatory requirements in countries the company operates on Digital Security;
· Other various financial standards and Security best practices.
And by contributing to various technical development projects and maintaining a robust security assurance program.
ROLES AND RESPONSIBILITIES
· Develop and maintain Cloud Security Controls framework and Code repository security standard
· Develop Pipelines related Standards and baselines for tools like Jenkins.
· Develop, Maintain & Review against Standards for Devops Code development and reviews.
· Develop, Maintain & Review against Standards for Micro services and API’s
· Develop, Maintain & Review against Kubernetes Security standard
· Develop, Maintain & Review against Standards for Infrastructure as code and Configuration management.
· Review against Standards for Standards for Cloud security Azure and AWS
· Review against Standards for Standards for Block chain, RPA, AI
· Review Security Architecture around implementation of API as micro services using Cloud functions, and digital componets likeSpring Boot, NodeJS, Docker, Kubernetes and NoSql databases like mongoDB, MySQL, Redis, Elastic, Logstash, Kibana, Grafana, Prometheus, RabbitMQ, Jenkins, TeamCity, GitHub
· Help ensure relevant test coverage and appropriate sampling;
· Participate as an integral part of the team, exhibiting ownership, follow through, initiative, awareness and effective communication with peers and management
· Continually learn, actively share knowledge and foster exchange of skills;
· Proactively identify opportunities to improve the quality of reporting and usability of that information;
· Contribute to newsletters, whitepapers and other written communication as needed;
· Exhaustively review reports provided by assessors to their clients and work closely with these security
vendors to resolve issues
· Perform ad hoc projects as required;
· Be willing to participate in minimal travel;
· Other duties as assigned.
· Build and manage security standards and requirements in Digital and Cloud implementations
· Manage Security Compliance requirements for HO and respective International location for digital projects
· Controls / reviews of individual component of the CI/CD pipeline, contributing in an agile fashion
· Highlight security status & concerns to management
· Consult with IT and information security staff to ensure that implementation plan is established for GAPS identified in any TRA, Digital Security Assessments
· Review and provide recommendations to IS policies, standards, guidelines/ processes with respect to Digital Implementations
· Track and report Security Gaps periodically
· Track open Audit issues on information security related to Digital Projects
· Digital components integration with existing Security tools and processess.
· Regulatory mandates on the Digital components.
ELIGIBLE CANDIDATE PROFILES
· Bachelor (or) Masters in Engineering/Technology (or) Master in Science graduates with 8+ years of experience in information security / Digital Security/ Digital Technology
· Mandatory – Candidate with AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional, Microsoft Azure Architect Design
· Candidate with Security Certifications like CISA, CRISC, and CISSP will be added advantage.
· Well versed with Enterprise Architecture, SOA, Application Security, Micro services
· Understanding of information systems and networking diagrams
· Experience of Enterprise level API and integrations Roadmap and driving end-to-end implementation & success of SOA initiatives including technical architecture, installations, requirement analysis, design preparation, support to development team, standards implementation and review
· Experience evaluating the security infrastructure for large enterprise merchants or service providers;
· Working knowledge of the financial industry is desirable
· Technical understanding of Big Data technologies such as HDFS, Map Reduce, Oozie, YARN, Hive, Pig, Sqoop and Ambari etc
· Working experience with Cloud Components on Azure and AWS
· Working knowledge of audit methodologies and security assessment tools;
· Methodical and organized; able to manage multiple opportunities, projects, and partners concurrently;
· Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment;
· Able to multi-task and work independently with minimum supervision to meet firm deadlines;
· Flexible, proactive, quick to learn and possessing a can-do attitude;
· A blend of curiosity, creativity, persistence, commitment, passion and optimism
Business Development Officer (IT SALES)
Scheduling meetings, follow-up the existing sales pipeline and leading the engagement kick-off meeting and completing the handover to a delivery Project leader or day to day managing the deputed resources at customer location and selecting/creating/establishing and managing the partners with whom we would be teaming.
As an IT Solution Provider / Outsourcing Services; you will lead the identification, development and qualification of IT Outsourcing services /Placement Services/ IT Expert provider / IT Security Solution.
Solution products includes but not limited to:
1. Network Time Protocol (NTP)
2. Digital Signature
3. PKI ; etc.
Required Education, Skills and Qualifications
1. Bachelor’s Graduate
2. Must have minimum of 5 years’ experience in SALES/Business Development in any field or industry and at least 4 years’ experience in SALES UAE.
3. We require and give priority to those who have UAE driver’s license.
4. Priority will be given to those who have at least 2 active accounts in SALES.
5. Preferably with IT Background
6. Must possess driving UAE license
- Security Audit related to ISO27001 and NESA
- Identity Management / Privilege Access Management
- Logical Access Review
- Cisco Security Devices (ASA, ISE VPN, IPS, Ironport, IDS and Cisco ACS)
- Firemon Risk Analyzer
- McAfee IPS and ePO
- PGP Universal Server
- Bluecoat Proxy and AV, IDS, IPS
- Vulnerability and Penetration Testing, Incident Response and Forensic
Roles and Responsibilities:
- Conduct quarterly Logical Access Review.
- Conduct vulnerability assessment and penetration testing, including reporting and remediation plan. Coordinating with application and system owners for patch deployment
- Coordinating with security governance for security projects, PoCs and enhancement
- Documenting, mitigating and reporting security findings reported by ADSIC, internal stakeholders etc.
- Assist Technical Security in conducting regular network security assessments.
- Involvement on security audit like ISO27001 and NESA
- Identify risk and network exposure including those related to malicious programs, viruses, improper system access, unauthorized systems, buy-trusted-tablets.com and improper network use.
- Conducting self-assessment and risk assessment
- Maintain list of assets, ensuring updates and patches are deployed and working with technology vendors in troubleshooting and enhancement.
- Update information security related documents like procedure, guidelines, baselines, asset register
- Maintain Operate and Manage Security devices including the following devices but not limited to; Cisco Firewall, Cisco Wireless LAN Controllers, Cisco ACS 5.0, , Cisco ISE, Cisco IronPort, McAfee NSM, Firemon Risk Analyzer, SIEM, Privilege Access Management Software, Vulnerability Scanner
Technical Qualification :
1. PKI / Certification and Registration Authorities / Public Key cryptography
2. X.509 Digital Certificates (ASN.1, OIDs, PEM/DER encoding, LDAP namespace structure, Keys and Algorithms)
3. Digital Signature technologies and data format (XML Digital Signature, XAdES, CMS – PKCS#7)
4. PKI and OTP based authentication (SSL/TLS, client/server certificates, OATH)
5. Network Time Protocol and Secure Digital Timestamps (RFC3161)
6. Cryptographic tokens (software/hardware, PKCS#11 & PKCS#12, Smart Card technologies)
7. Hardware Security Modules (HSM, examples: SafeNet, Thales/nCipher), FIPS 140 / Common Criteria
8. Data Encryption practices, technologies, standards (related to email: S/MIME and PGP, Disks/Files, Databases, VPN)
9. Virtualization technologies (VMware Workstation & ESXi, Oracle VirtualBox, Citrix)
10. Prepare the technical documentation (RFP/RFI/ Solution response)
12. Web-application firewals (WAF), HTTP content delivery and proxy protocols
13. Cyber security / Vulnerability Scanning / Penetration testing / Incident Response
14. UNIX/Linux OS (preferred Red Hat / SuSE / CentOS based), including installation, troubleshooting/maintenance and automation (scripting)
15. Microsoft Windows Domain / Server / Desktop platforms, including installation and troubleshooting
17. IP networking concepts (similar to CCNA, but no certificate required), Ethernet networks, WAN/LAN, WiFi – able to use tools to diagnose and troubleshoot (tcpdump, wireshark, traceroute)
18. Computer hardware essentials (USB devices, serial port communication)
Certification and courses (optional, preferred, this or similar):
1. Linux OS administration: RHCE or LPI
2. Information Security Management Systems (ISMS): ISACA CISA/CISM, ISO 27001 Auditor/Implementer
3. Technical IT Security: any by ISC2, EC-Council, GIAC, CompTIA
4. Technology Vendor Product related certificates
5. Any related to cyber security with hand-on experience
Roles and Responsibilities:
1. Maintain Operate and Manage and Improve PKI solutions implemented in banking and air traffic verticals
2. On-site troubleshooting of IT security solutions and security related issues (including emergency/incident response)
3. Assist Sales Team on meetings with potential/existing customers, preparing technical parts for tendering process and responses (RFI/RFP, requests and responses for proposal)
4. Maintain relationship with the vendors / partners whose technology we deliver and integrate to our customers
5. Take care of security of company’s IT resources, including Internet accessibility to our NTP and PKI Demo infrastructure
6. Identify risk and network exposure including those related to malicious programs, viruses, improper system access, unauthorized systems, and improper network use.
7. Conduct vulnerability assessment and penetration testing, including reporting and remediation plan
8. Writing and updating of information security related documents like procedure, guidelines, baselines, asset register
Assignment location / logistics:
– RNTrust (RECRO NET Middle East) office is located in Dubai
– Most of our clients are in Abu Dhabi: therefore: Driving license valid in UAE is required