Security Analyst (Junior Level) at uLesson Education Limited

uLesson is a venture-backed education technology business whose mission is to deliver high-quality, affordable, and accessible education to all Africans. Our app hosts thousands of educational video tutorials that combine quality lessons delivered by experts in education, with digital animations and illustrations to explain key concepts; thereby, providing students with a learning experience that is unprecedented in its richness, scope, interactivity, and effectiveness.

We currently provide students between the grades of 4 and 12 with access to high-quality, curriculum-relevant, animated video lessons. At the moment, our uLesson App has been downloaded over 2 miliion times and we’ve been featured by credible media houses like CNN, Venturebum, Techcrunch, Quartz and Business insider.

We are recruiting to fill the position below:

Job Title: Security Analyst (Junior Level)

Location: Abuja (FCT)

Job Description

• We are seeking a product-focused Security Analyst to join our engineering team. As Security Analyst, you will be assisting in the performance of periodic vulnerability assessments and penetration testing to continuously analyze and improve the security posture of applications and networks in the enterprise.
• Overall, you will be joining a team of 20+ members, including Product Managers, Product Designers, Frontend, Backend, Web & Mobile Engineers as well as QA engineers. Our goal is to ship quickly and iteratively as we deliver continuous value to our customers.
• The team functions using agile methodologies and is very high on ownership and collaboration

Key Responsibilities

• Assist in the performance of periodic vulnerability assessments and penetration testing to continuously analyze and improve the security posture of applications and networks in the enterprise.
• Perform scheduled and impromptu, internal and external system audits.
• Analyze security breaches to identify root cause.
• Stay up-to-date on information technology trends and security standards with a view to recommending relevant practice to the organization.
• Facilitate and conduct periodic staff cyber security awareness training.
• Continuously update the organizations incident response and disaster recovery plans.
• Work closely with a variety of internal and external stakeholders to acquire and exchange information on Cybersecurity issues, processes, and best practices.
• Recommend mitigation for vulnerabilities discovered and verify solutions recommended are implemented.
• Document results of tests for the product, engineering team and executive management.
• Work together with the software developer and engineering team to obtain clarification and understand architecture.
• Undertake load and performance testing for API and databases in use.
• Record and enhance the load test scripts.

Qualifications and Skills

• Minimum of 2 years experience in vulnerability assessments and penetration testing.
• Extensive knowledge and verifiable application of the ethical hacking methodology on previous engagements.
• Extensive working knowledge of web and mobile applications and technologies.
• A broad based understanding of software technologies.
• Knowledge of and experience with mitigating vulnerabilities inherent to varying clients such as web and mobile devices (android & ios mobile applications).
• Understanding of application programming languages, application servers, web services.
• Understanding of patch management with the ability to facilitate deployment of patches in a timely manner with an understanding of business impact.
• Knowledge of and experience with API testing and the OWASP API risk advisory.
• Strong vulnerability assessment test result analysis skills, and test results reporting skills.
• Excellent written and verbal communication skills.
• Strong project and time management skills with a track record of being able to deliver within agreed timelines.
• Detail-oriented, with the ability to prioritize effectively.
• Ability to work well within teams and thrive in a fast-paced environment.
• Understand the concepts of distributed performance testing.
• Proficient in the use of JMETER load testing tool and extension of functionality using scripts and plug-ins.
• Knowledge of and experience with Common Vulnerabilities and Exposures (CVE) and Open Web Application Security Project (OWASP) processes and remediation recommendations.
• Experience with application and network security testing tools and exploitation frameworks such as Nessus, OWASP Zap, NMAP, BurpSuite, Wireshark and Metasploit.

Compensation
N400,000 / Monthly.

How to Apply
Interested and qualified candidates should should send their updated CV to: [email protected] telling us a bit about yourself with the Job Title as the subject of the email.