World Bank 11, Taramani Main Road Tharamani, Chennai
Background / General description:
The World Bank Group (WBG) Office of Information Security (OIS) provides
information security services to the World Bank Group (WBG). OIS's mission is
to protect the WBG's information assets in a manner that supports the WBG's
mission to eliminate poverty.
The OIS develops strategy, standards and processes to protect the
confidentiality, integrity and availability of WBG information assets in a
manner that is aligned with the values and risk appetite of WBG Management.
The OIS strives to maintain an information security program in a way that
respects the rights and privacy of those it serves and addresses the needs of
the WBG's business units.
The OIS is responsible for managing information security strategy,
operations and compliance activities for the World Bank Group. This includes
security of the WBG remote sites in over 180 countries across the globe.
The OIS is in search of an Incident Response - Malware Analyst for our
Information Security Operations (ISOC) in Chennai, India. We are recruiting
analysts who are results-oriented, multi-disciplined and comfortable operating
and maintaining secured solutions for platforms running mission-critical
business applications in a homogeneous environment, at the enterprise level.
The Analyst is expected to work both independently and with a team of other
incident handlers, handling complex assignments and situations with unstructured
interaction.
Note: If the selected candidate is a current Bank Group staff member with a
Regular or Open-Ended appointment, s/he will retain his/her Regular or
Open-Ended appointment. All others will be offered a 3 year term appointment.
Duties and Accountabilities:
Malware Analyst
· Document vulnerabilities and exploits used while analyzing malware. Analyze, evaluate, and document malicious code behavior.
· Identify commonalities and differences between malware samples for the purpose of identifying, grouping and classifying them under appropriate malware families.
· Research new vulnerabilities and exploits, develop a POC for a zero-day malware and then provide early alerts to the Security Engineering team along with a mitigation strategy.
· Research and write actionable reports.
· Ensure the accuracy and integrity of information throughout reporting.
· Impart training to internal team members on Reverse Engineering.
· Participate in directed research, ad-hoc and development tasks.
· Complete other tasks as directed by the ISOC Lead.
· Assist internal developers in developing new tools to identify 0-day malware based on various characteristics of a file format.
· Assist the ISOC Lead in developing and setting up frameworks for developing an incident response toolkit.
Security Monitoring
follow-up as required. Provide
Information Security Operations Center (ISOC) support on a 24x7x365 basis by
shift work with rotation
· Monitor multiple security alert sources, eliminate false positives, triage significant security events based on the impact and nature of the incident, and escalate according to the established procedures.
· Review automated daily security reports of key security controls, identify anomalies and escalate critical security events to the appropriate stakeholders and Incident Response.
· Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures.
· Participate in all the phases of the OIS incident response process, including detection, containment, eradication, and post-incident reporting.
· Record detailed Incident Response activities in the OIS Case Management System.
· Perform system memory forensics wherever required.
Selection Criteria:
· Minimum 5 years of Information Security experience required; out of which an individual has worked with CSIRT for a minimum period of 2 years and
· Bachelor's degree in computer science, information technology, systems engineering, or a related field.
· At least 1 year conducting some form of malware analysis.
· Understanding of how operating systems work and how malware exploits them.
· Understanding of network traffic and ability to analyze network traffic introduced by malware.
· Past exposure to APT-type malware and financial crime malware such as Zeus and SpyEye.
· Currently spends 75% of their current job conducting malware analysis or malware intelligence.
· Experience in researching vulnerabilities and exploits.
· Thorough understanding of Windows Internals and memory management.
· Knowledge of common hacking tools and techniques.
· Experience in understanding and analyzing various log formats from various sources.
· Experience in analyzing reports generated by SIM/SEM tools.
· Proficient experience with the following concepts and related toolsets:
  o Network sniffers
  o Process analysis tools
  o Registry analysis tools
  o File analysis tools
  o Memory analysis tools
Interpersonal skills:
· Introductory-to-intermediate assessment skills
· Strong interpersonal skills (the IH must be able to work with a team in a dynamic environment)
· Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and/or industry activities
· Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources
· Strong analytical skills - strong problem solving skills, communicates in a clear and succinct manner and effectively evaluates information/data to make decisions; anticipates obstacles and develops plans to resolve
· Proven scripting skills (the IH should develop ad hoc scripts to supplement existing tools as needed)
· Change oriented - actively generates process improvements; supports and drives change, and confronts difficult circumstances in creative ways
· Performed penetration testing, vulnerability management and application security code reviews is preferred
· Certified Information Systems Security Professional (CISSP) or GIAC Certified Intrusion Analyst (GCIA) or GIAC Certified Incident Handler (GCIH) is preferred
· Hands-on experience with security technologies like antivirus, IDS/IPS, SIEM tools is preferred
· GIAC Certified Forensics Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM) is preferred
· Experience in developing network-based applications is preferred
Competencies:
· Business Enterprise Knowledge - Develops and implements technical solutions that meet operational improvement needs.
· Knowledge of Emerging Technology - Tests new technology to evaluate capability compared to specifications.
· Risk Management - Reduces risk by solving day-to-day problems as they arise.
· Systems Thinking - Investigates the critical relationships among primary business, technology and systems platforms.
· Strategic Technology Planning - Asks questions and assesses aspects of the strategic technology plan.
· Client Orientation - Takes personal responsibility and accountability for timely response to client queries, requests or needs, working to remove obstacles that may impede execution or overall success.
· Drive for Results - Takes personal ownership and accountability to meet deadlines and achieve agreed-upon results, and has the personal organization to do so.
· Teamwork (Collaboration) and Inclusion - Collaborates with other team members and contributes productively to the team's work and output, demonstrating respect for different points of view.
· Knowledge, Learning and Communication - Actively seeks knowledge needed to complete assignments and shares knowledge with others, communicating and presenting information in a clear and organized manner.
· Business Judgment and Analytical Decision Making - Analyzes facts and data to support sound, logical decisions regarding own and others' work.
Closing Date: Tuesday, 26 February 2013
To apply follow this link