JOB DESCRIPTIONPOSITION: TECHNICAL WRITEREXPERIENCE: 2-4 YRSLOCATION: BANGALOREWe are looking for people who are passionate about writing, learning and technology. Primary Responsibilities:- Prepare analytical and technical reports, specialized content and publications, and provide client ready material on static and dynamic cyber security risks.- Track active malware, vulnerabilities, threat actors, and incidents and prepare short reports for timely and accurate intelligence sharing with clients.- Collect threat intelligence against active cyber topics from various sources and prepare brief analytical reports for real-time sharing- Spot cyber trends, report changes, and perform advanced technical analysis of cyber threat landscape highlighting emerging threats, technical threat intelligence and future impacts. - Work closely with IT operation teams for identifying and remediating security issues.- Create a technical repository on cyber topics and issues through meticulous research and analysis.- Lead cyber threat analysis and threat intelligence initiatives and serve as an SME in product development.- Review latest cyber security technologies, hacker tools, gadgets, security products and services.What are we looking in you- - Thorough knowledge of technical aspects of IT and Cyber Security. - Understanding of Web Culture and passionate about technology. - Can Articulate ideas in clear and lucid manner to produce informative articles. - Excellent Written and Verbal Communication Skills. - Can produce articles at a short notice. - Innovative, motivated, and willing to re-define the Job! Benefits of working at Cyware- - We are a small but highly dedicated and motivated team that has created a powerful impact in the domain of cyber security in a short period of time. Join us and you will have:- A chance to learn in a highly competitive environment. - An opportunity to prove your mettle and enjoy a unique growth trajectory. - Freedom to innovate and flexibility to operate. - A Team that will support and help you to explore your true potential. - An awesome atmosphere to work in!
Who you are• An analyst, a Red-Team-Blue-Team thinker, an autodidact, a threat hunter, or a researcher like none other • An always-on Security enthusiast and the go-to for news and views about vulnerabilities and malware, active threats, attack vectors, and zero-days exploited in the wild• An Eagle for detail and spotting the 'known' in the unknown• Passionate about Cyber Security and a believer in defending against the bad guys • Communicator at par in verbal, textual, and graphical mediums • A Bachelor or Master of Engineering or Technology in Computers, Information Science, or Information Technology or a Master of Computer ApplicationsWhat you'll do• Work cross-functionally with Cyber Threat Intelligence and Cyber Security Operations teams to build out our ever-evolving threat intelligence platform• Ideate and define ways to present vulnerability intelligence, preferably via dashboards and reports• Identify factors contributing to higher client-side impact of vulnerabilities and be the domain expert for our impact scoring mechanism• Track and monitor vulnerability lifecycles from zero-day discovery to CVE-ID allocation• Profile and monitor specific cyber threat actors --- including nation-states and hacktivists ---, groups, and campaigns to understand adversarial tradecraft along with tactics, techniques and procedures (TTPs)• [BROWNIES] Clearly communicate findings in written reports in English and visualsWhat you got• Between two and five years’ experience in Cyber Security• Hands-on understanding of vulnerabilities, computer intrusions, malicious code and patching mechanisms for Windows, Linux, and critical apps• Working knowledge and understanding of CVSS v2 or v3 • Proven abilities to associate vulnerabilities with CWEs• Able to analyze network protocols for vulnerability identification • Familiarity with network-based exploitation and its mitigation• Familiarity with Snort and Suricata• [HUGE PLUS] Experience or familiarity with vulnerability assessments
Security Content Developer * As a security content author, this role involves hands on security and compliance stuff. Prior experience with security tools (exploit development, port scanner and so on), scanner (OVAL, SCAP, Nessus, OpenVAS) would be a plus. As a member of security content team, you will be asked to develop and manage the security content, assume the full responsibility towards handling the content quality for the cloud services, with your value added knowledge that comes from your prior experience. You'll be asked to adhere to Redlock standards and procedures while developing the content. * Well known exposure to common vulnerabilities and knowledge on vulnerability common standards such as CVE, CVSS and CCE. * Expertise in authoring/mapping content for various security compliance standards both including regulatory (PCI, HIPAA, SoC2, SoC3, GDPR so on) and standard compliance frameworks such as NIST-800-53, CIS and so on is a must. * This role requires that, you've prior experience and hands on cloud services AWS, Azure and GCP (one of the 3 at least). * Expertise towards remediation of vulnerabilities or compliance (misconfiguration alerts), both via procedural and CLI methods.