54gene is a health technology company centered on advancing the field of African genomics to unlock scientific discoveries as well as improve diagnostic and treatment outcomes within Africa and the global community. Founded in 2019, 54gene utilizes human genetic data derived from diverse African populations, to improve the state of healthcare through large-scale discovery and translational research, advanced molecular diagnostics, and inclusive clinical programs. Our mission is to deliver on the promise of precision medicine for Africans and the global population, by bridging the global health disparity gap.

We are recruiting to fill the position below:

Job Title: Cybersecurity Engineer

Location: Lagos, Nigeria
Status: Full-time
Department: Cybersecurity
Reports to: Sr Director, Cybersecurity
Industry: Biotechnology

Job Description

• We are looking for a Cybersecurity Engineer who will work directly with the Senior Director of Cybersecurity.
• This role will take the traditional vulnerability assessment and build upon it. Evaluate the security of 54gene’s networks, applications, sensitive internal systems, mobile application and data coding standards.
• Our Engineer will need to go beyond the typical enumerating vulnerabilities through scanning and need to look at exploiting identified issues or discovering issues not picked up by scans.

Duties and Responsibilities

• Network, System, Application, Mobile, traditional web and wireless penetration testing.
• Testing and exploiting web app and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP and API attacks.
• Managing/facilitating security due diligence activities throughout the Application Software Development Life Cycle (SDLC) to ensure that security risks are identified and controls are implemented to mitigate risk.
• Designing and developing Cloud-specific security policies, standards and procedures e.g. Identity and Access Management (SSO, SAML), and Privilege Management, Firewall management, SSL/IPSec, Encryption Key Management (BYOK), Security incident and event management (SIEM), Data protection (DLP, encryption), Vulnerability Management in partnership with Infrastructure Services, and Application Development.
• Be a subject matter expert on security controls applicable to rapid software development methodologies and DevOps automation.
• Recommend or automate approach to streamline and integrate technological processes and/or systems to improve operational efficiency and effectiveness.
• Spread awareness and knowledge of good Information Security practices in development teams.

Qualifications and Requirements

• Bachelor’s Degree in an IT-related field is preferred, but not mandatory
• 4+ years of relevant experience
• CEH, OSWE or equivalents very strongly preferred

Knowledge, Experience and Skills:

• Strong technical acumen with an understanding of cloud security, and familiarity with security tools and processes.
• Experience with penetration testing and code reviews highly desired.
• Wireless, Network and TCP/IP skills along with Unix command, bash scripting, and / or python coding required.
• A knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk desired.
• Familiarity with Advanced Persistent Threat (APT) activity.
• In depth knowledge of Application Security, API testing, Information Security risk and industry best practices.
• Knowledge based on hands-on experience in implementing security in rapid software development methodologies (like, Agile) and DevOps automation.
• Microservice architecture expertise and best practices in securing APIs across multi-cloud environments.

Other

• Authorization to work in Nigeria
• The duties stated are intended to describe the general nature and level of work to be performed. They are not to be construed as an exhaustive list of all duties, responsibilities and skills required. Other related duties may be assigned within scope of ability.

Application Closing Date
27th February, 2022.