Senior Technical Profile
Senior Security Consultant
One day you wake up and look back proudly feeling that your professional career in IT Security has been quite exciting, but your eyes are wide open as you feel that current Cybersecurity landscape looks promising. You are browsing recruitment sites and chatting with all those fancy recruiters in Linkedin looking for a new challenge; however, all opportunities are facing you into the boring world of managers. You are wondering if there would be something else out there.
You are a highly motivated individual, hungry for knowledge, devouring books on your tablet with red-eyes late at night. You can't stop browsing forums, blogs, mailing lists and Twitter to fill your inner need to keep your mind updated with the latest trends. Your passion takes you to spend your holidays at your current $DAILYJOB to attend security conferences or techie trainings because you feel complete when others like you are around. Your Amazon $BASKET is full of gadgets because technology is embedded in your DNA. Does your partner, parents or friends think that your house looks like a datacenter?
There is no need to follow the flock, we offer you something different.
We are looking for your passion to work with our team to help large international public and private organizations that are being heavily threatened, suffering as victims of cybercrimes. They need us to investigate deep security breaches, they trust us to help them to avoid it to happen again. We are not like an army, but a Special Operations team with a high-level of specialization and a very targeted one. Our team is more important than individuals, we help our customers to overcome difficulties. Yes, we are based in Spain but we do not think localy, we are global, we travel where our customers are and we do not know about boundaries as long as there is a flight available to take. What do we deliver? We are not only incident handlers and forensicators but also cutting-edge security consultants are in order to improve organizations and deploy monitoring & response infrastructures. We also do Research & Development, Outreach (giving talks & speeches at events/conferences), as well as business development (as required).
Why would you want to work for us?
You will have the flexibility to develop what other big companies can't offer you in exchange of your initiative, hard-work and commitment with the quality our customers deserve. We offer you a good atmosphere, and a very integrated and friendly team. Your colleagues will help you to grow-up and they expect you to invest your time in making us better and stronger. This location is based in Madrid. We do not work in a single office, we are distributed and most of the times we live in our customers' so when the action stops we even encourage you to work partially remotely from home to refuel your energy and the flexibility of being close to your beloved ones. ONE believes in networking in security conferences and in attending security trainings, so we invest on that for you several times a year. Hands-on training helps you to put your skills on steroids in short time and brings you close to other talented people. What about money? It is not important, right? Yes, it is; you will have a good salary according to your work and impact in our journey. We do not just expect you to deliver our services, but to put your talented brain into improving our tools and processes, and develop our products that will be used by our customers.
If you are excited about it... What do you need to work at One eSecurity?
We are looking for nice people, disciplined team-workers, white-hat ethical professionals, with high interpersonal skills. We are international, so fluent written & spoken English is a must, Spanish is strongly desired but not required; and as many other languages you speak (French, German, Arabic...) are more than welcomed. Traveling? Yes, EU Passport and a close airport is a requirement because you will have to travel where the action is. University and other Master degrees are valuable but not required, we know restless minds do not always follow the same path. We are expecting you to have more than 7 years of intense experience in the field. Cybersecurity/IT trainings and certifications are strongly desirable, specially in the security monitoring, incident response and forensic field. Let us know which are the open/commercial tools you are proficient using or automating, developing skills in scripting languages are highly desirable. We would love to see your work and publications in security conferences, blogs or just in your twitter account timeline.
Still excited about it? We would love to hear from you. Please send your resumes to firstname.lastname@example.org.
This page describes the desired profile for the candidates. All items are desired requisites except where "required" is specified. Salary and benefits will depend on the profile of each candidate.
- 7+ years in Computer Forensics / Computer Security (required)
- System / Network Administrator experience
- Private Detective/Law Enforcement experience
- Experience Testifying in Court
Knowledge and real world experience in any (or many) of the following areas will be an advantage:
- Law Enforcement Organizations
- Finantial companies
- SCADA/ICS infrastructures
- Telecommunications/Datacenters/Cloud Infrastructure Providers
- University degree (desirable but not required)
- Computer Science / Telecommunications Engineering / Industrial Engineering
- Master / PhD Additional Qualifications
- Spanish Fluent (written & spoken) (required)
- English Fluent (written & spoken) (required)
- Other languages (French, German, Dutch, Arabic, etc.)
Training & Certifications:
- Incident Response/Forensic Training & Certifications: GIAC
- FOR408/FOR508/FOR610/FOR558/FOR563/SEC504, EnCE, etc.
- Security Certifications: GIAC, CEH, etc.
- Forensic Products Training & Certification: EnCase (EnCE), FTK, etc.
Incident Response & Computer/Network Forensics Experience & Skills:
- Incident Response/Digital Investigations Computer Forensics (including tools such as SANS SIFT, EnCase, FTK, X-Ways, TSK, etc.)
- Enterprise Forensics (including tools such as EnCase Enterprise, EnCase Cybersecurity, GRR, F-Response)
- Mobile Devices Forensics (including tools such as Cellebrite, XRY, Oxygen, etc.)
- Malware analysis (including tools such as IDA Pro, radare, OllyDbg, etc.)
- Network Traffic Analysis & Network Forensics (including tools such as tcpdump, wireshark, Netwitness, etc.)
- Log Analysis (including tools such as ELK, Splunk, etc.)
- Scripting: Encase EnScript, Unix shell scripting, perl, python, ruby, Powershell, etc.
- Formal Programming Languages: C, C++, Java, etc.
Security Monitoring Technologies & Tools:
- SIEM: enVision, ArcSight, SenSage, Q1, etc.
- NIDS/NIPS: Sourcefire, snort, Tipping Point, etc.
- System & Network Administration:
- UNIX: Linux, Solaris, HPUX, AIX, ...
- Windows Network Services: DNS, Email, Autenticacion (AD, Radius, LDAP, ...), NTP, Web, etc.
- Network Administration: Cisco, Mikrotik, Juniper, etc.
- Immediate incorporation
- Large availability to travel internationally