Lead Technical Cybersecurity Analyst

MentorMate creates durable technical solutions that deliver digital transformation at scale by blending strategic insights and thoughtful design with brilliant engineering. With mature and established practices in enterprise web and mobile development, quality engineering, technical architecture, human-centered design, cloud, DevOps, data, and analytics, the company provides challenging careers in a friendly and global people-oriented environment. We value every team member and share our success through flexible working models, competitive pay and benefits, and advancement opportunities. 
As part of global technology company Tietoevry Create, MentorMate enables people to work on impactful, global projects for recognizable brands and grow their careers in a team of over 10,000 experts.
About the role
We are currently seeking a highly skilled and experienced Cybersecurity Lead to join our newly formed Enterprise Cybersecurity and Compliance team. As a key member of our security and compliance division, this role is pivotal in ensuring the integrity and security of our custom software solutions. The role will serve as a subject matter expert with current knowledge of a wide range of cybersecurity threats, analysis, and remediation practices and will personally lead the application of this expertise to some of the immediate cybersecurity challenges faced by the company.
About the team
Our Enterprise Cybersecurity and Compliance team of certified experts delivers comprehensive solutions to protect enterprise digital ecosystems from threats and vulnerabilities. Being a SOC 2 Type II certified company since 2021, MentorMate enables industry-leading cybersecurity professionals to apply their technical expertise in various consultative and technical security and compliance client projects in multiple industries.

Responsibilities

• Participate in the architecture, design, and development phase of software production
• Analyze alerts, events, and incidents to identify, scope, contain, and remediate a full range of cybersecurity matters
• Lead a team of cybersecurity specialists and provide technical leadership and expertise to other team members
• Manage the team through large-scale event handling, complex threat analysis, and urgent incident response activities
• Leverage in-depth knowledge of logs, telemetry, and other data points to resolve complex technical issues
• Drive knowledge management, lessons-learned, preparation, and training of the team
• Conduct analysis across a wide range of tools and platforms used to continuously monitor the full enterprise technology environment (including network, endpoint, application, and Cloud)
• Assume incident command and communication across multiple teams during triage and containment efforts required to maintain the integrity and security of enterprise-wide systems and networks
• Collaborate closely with internal and external stakeholders

Requirements

• Strong experience in C/C++ Embedded or C/C++ Linux development
• Solid understanding of basic security concepts such as symmetric and asymmetric key algorithms, digest algorithms, signature computation
• Excellent knowledge of OpenSSL library (or other equivalent library), OpenSSL command line tool
• Exceptional expertise in firewalls, TLS client/server communication, and X.509 certificates
• Profound understanding of mandatory access control mechanisms (e.g., SELinux, SMACK, etc.)
• Excellent knowledge of link-layer security mechanisms (e.g., MACsec)
• Superior comprehension of common security features such as secure boot, secure update, secure debug (JTAG), secure diagnostics, secure time, secure storage and wipe, and secure logging
• Excellent knowledge of DRM (e.g., Widevine, PlayReady, etc.) provisioning mechanisms
• Strong knowledge of building hardening mechanisms
• Excellent knowledge of secure coding techniques
• Outstanding proficiency in threat modeling, fuzz testing, penetration testing, vulnerability management, and software bill-of-materials (SBOM)
• Excellent knowledge of various operating system hardening techniques
• Excellent spoken and written English
• Background in the automotive domain will be a plus

Why take this opportunity

• Professional Growth: Clear career path, vertical and horizontal advancement opportunities 
• Regular Salary Raises: Following the curve of your career path and performance
• Work Where You Want: Choose to work remotely, in-office, or a combination of the two
• Upskilling: Various trainings, knowledge sharing events, personal learning budget
• Incentive Programs: Rewards for referring employees, sharing knowledge, and more
• Additional Insurance: Attractive health and dental insurance packages 
• Extra Days Off: The longer you work with us, the more paid leave you get
• Transport & Leisure: Partial coverage of transport costs, sports passes, takeaway food
• Save for the Future: Set a retirement plan or start an investment program 
• Teambuilding: Enjoy team gatherings and communities of interest
• Giving to Others: Take part in various charity and volunteer activities
• Mental Wellness: Support with a counseling package if needed

MentorMate is part of the Tietoevry Create global network of companies. Together, we are global leaders in digital consulting, design, and engineering services. MentorMate and Tietoevry Create are equal-opportunity employers. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.