Infosec newbie looking for entry level training? So is SWIFT
International payments clearing-house SWIFT wants extra hands to keep its stable doors closed.
In a job ad that inexplicably fails to mention the hundreds of millions of dollars missing, in a variety of currencies because of astonishingly-lax security, it seeks an information security trainee.
As previously documented, SWIFT’s slackery aided and abetted a US$81 million heist from the Bangladesh central bank, another $12 million from Ecuador’s Banco del Austro, and attacks in the Philippines and Vietnam.
SWIFT’s response has been criticised for, among other things, only offering a guarantee that the network would “expand” its use of two-factor authentication, rather than demanding it of all banks.
The infosec specialist SWIFT is currently seeking in the US will be in an entry-level role: a bachelor of computer science with more than no experience at all, with work experience in PHP, Perl or Python; MySQL and Unix knowledge.
“Knowledge of intrusion detection and vulnerability assessment capabilities is an asset”, the job ad says.
True enough: until recently, SWIFT doesn’t seem to have had intrusion detection on its list at all.