Description
ABOUT TEMENOS
We’re passionate about helping banks to perform better, so we solely focus on creating banking software. Temenos offers cloud-native, cloud-agnostic, API-first digital banking, core banking, payments, fund management, and wealth management software products, enabling banks to deliver consistent, frictionless customer journeys and achieve market-leading cost/income performance. Our products combine the richest end-to-end packaged country model bank functionality and the most advanced technology, helping our clients go-live faster, giving them the freedom to innovate and deliver personalized experiences.
We are technology first, with 700+ published APIs, we partner with 100+ Fintechs in our marketplace. We have been recognized year after year by Gartner, IBS, and Forrester for our award-winning solutions.
Temenos is the 4th largest European Software company, with over 3000 clients in 150 countries. We are proud of our 7500+ Temenosians working across the globe to make banking better!
THE ROLE
As our Senior Vulnerability and Pentesting Analyst, you will be part of a fast-paced Global Information Security Operations team and cover broad aspects of Temenos Vulnerability Management program. We are looking for a highly motivated and talented analyst with a passion for Vulnerability Management. The ideal candidate will have experience supporting and managing vulnerability management activities in large enterprise environments. The role will lead key vulnerability management initiatives that will minimize security weaknesses in the environment by working with the Cybersecurity, IT Infrastructure, and Application teams to drive vulnerability remediation across the enterprise.
OPPORTUNITIES
Contribute to the design and execution of our vulnerability management program, with a special emphasis on pentesting activities to identify system and application vulnerabilities.
Serve as a subject matter expert on pentesting, application and system vulnerabilities, and threat management.
Conduct regular pentesting activities, using both automated tools and manual checks to identify and validate vulnerabilities in our systems and applications.
Create structured guidelines to facilitate the evaluation, prioritization, and security enhancement of Temenos systems and applications through pentesting.
Effectively communicate discovered vulnerabilities and associated risks to stakeholders and assist in the planning and execution of remediation efforts.
Analyze data from pentests to identify patterns, trends, and root cause problems, providing actionable insights for security enhancements.
Apply risk treatment strategies to vulnerabilities identified in pentests that cannot be remediated through regular means.
Coordinate with the Threat Intel team to research, explore and identify assets with any latest zero-day vulnerabilities publicly available from trusted resources, and suggest mitigations/workarounds.
Lead efforts to maintain patch and vulnerability management best practices to protect against exploitation of critical application and system vulnerabilities discovered during pentesting.
Participate in the Cybersecurity Incident Response Team (CIRT), using insights from pentesting activities to guide investigations and responses when required.
SKILLS
5 years of working experience in Cybersecurity, with at least 3 years of experience focused on pentesting activities.
Minimum of 2 years of experience in a vulnerability management role, including work with a vulnerability management platform as an Administrator.
Strong knowledge of networking topologies and technologies, including firewalling, routing, switching, as well as servers (Win and *nix) and PCs.
Proven experience and skills to perform Red Teaming and Pentesting activities.
Deep understanding of current cyber-attack tactics/techniques and penetration testing methodologies.
Proficiency in PowerShell/ Bash /Python scripting’s for automating tasks and exploiting vulnerabilities.
Demonstrated ability to conduct operating system, application, and database vulnerability assessments (including system configuration checks) on various Information Systems.
Demonstrate in-depth knowledge and understanding of the global threat landscape, cybersecurity trends, emerging technologies, and the ability to apply this
knowledge in pentesting and vulnerability management.
Relevant certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), or GIAC GPEN (Global Information Assurance Certification Penetration Tester) are highly desirable
VALUES
Care about transforming the Banking landscape
Commit to being part of an exciting culture and product evolving within the financial industry
Collaborate effectively and proactively with teams within or outside Temenos
Challenge yourself to be ambitious and achieve your individual as well as the company targets