Posting Date: 9 Oct 2024
City: Genova
Location: Genova, Italy, 16129
Contract Type: Fixed-Term
Division: Cyber Security and Management Consulting
Level of experience: Junior
RINA is currently recruiting for a Junior Cybersecurity Engineers INFOSEC/COMSEC to join its office in GENOA within the Cyber Security and Management Consulting Division.
We are currently looking for 2 junior cyber security engineers to expand our technical team. Junior personnel could have less than 5 years of experience in the field, but a technical academic background in computer engineering or computer science is required and an experience of at least 2/3 years is appreciated.
The persons will be in charge of technical activities such as:
Identify security risks within organizations and complex systems/architectures; Perform vulnerability assessments and penetration tests in different market sectors; Design security measures and provide recommendations or suggestions to improve security postures; Implement technical security measures also by means of hardening of target systems/devices based on identified security baselines or requirements; Provide support to Customers in cybersecurity related activities; Draft technical reports; SW Code/Script development and/or network devices configuration also by means of automated configuration tools; Write technical documentation, regarding both descriptions and test procedures. Requirements: Knowledge of security aspects of principal Operating Systems; Previous experience in performing VA/PT activities (also for personal interest/passion, e.g. CTF challenges); Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments; Strong problem-solving ability; Excellent verbal and written communication skills - Italian and English as a minimum; Flexibility and ability to multi-task in a fast-paced atmosphere; Availability to travel within the Country and abroad; Adequate knowledge of networking models (e.g. ISO/OSI, TCP/IP); Adequate knowledge of cryptographic algorithms (e.g. SHA, AES, CBC, ECB). Desired Requirements: Security Certifications: e.g. ISO270001 Qualified Lead Auditor, GIAC/GICSP or ISA62443 related certifications, CEH, OSCP, eJPT, PJPT, ISACA CISM/CISA/CRISC, ISC2 CISSP. Knowledge of security tools/platforms such as: automated configuration tools (e.g. Ansible or Puppet), vulnerability assessment tools, penetration tests techniques and involved applications, cloud security, cyber threat intelligence, Mobile Threat Detection, Intrusion Prevention/Detection Systems (IPS/IDS), Endpoint Protection Platforms (EPP, but also EDR, MDR and XDR services), technologies related to code security analysis, Web Application Firewall (WAF), Security Orchestration Automation and Response (SOAR), Security Information and Event Management (SIEM) and Governance Risk Compliance (GRC). Previous experiences in Red/Blue/Purple Teams will be considered as a plus.
With over 5,600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors. Our business model covers the full process of project development, from concept to completion. The aim is to guarantee a project's technical, environmental and safety - and sometimes also economic and financial - sustainability.
At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant to the Italian Law n. 68/99.
#J-18808-Ljbffr