QATAR requires that the operations comprises of a team leader with a minimum of five (5) years experience managing large scale projects involving common criteria lab operations subject of this RFP for accounts similar in scope and complexity to this project and must have demonstrated effective oral and written communications skills in English.
Analysis and evaluation of software for weaknesses and faults in source code and binary which can lead to vulnerabilities
Assessment Includes source /binary/byte code analysis, application vulnerability scanning, binary fault injection, fuzzing, pedigree analysis, malware analysis, data hiding]
Analysis and evaluation of a system under test (SUT) by performing actual controlled cyber-attacks utilizing external and internal threats. Includes vulnerability scanning, attack throwing, attack automation and reconstruction.
Mastering of Reverse Engineering principals;
Assembly language skills
Solid knowledge of TCP/IP networking, VPNs, and the applicable security concepts;
Solid Knowledge of Operating systems and Databases
Hands on experience with Crypto devices, encryption technology;
Mastering of a programming language and the ability to conduct security code reviews;
Vulnerability analysis and fuzzing experience;
System hardening experience;
Common Criteria and ISO 15408 experience will be highly regarded
Ability to use the below tools:
Distributed Penetration Platforms
Testing Frontends / Virtual Systems
Penetration Tools and Systems
Source Code Analysers ( Manual and automated)
Information flow controls
Demonstrating knowledge on the following certifications are assets: CC EAL4+, PCI, SCSAS, SCSA, SCNA,
SCSECA, ISSEP, CISSP, GCIA, CCNA, CCSA, CCSE, RHCE, MCP/MCSA/MCSE, EC-CEH.