Experience 5 - 8 years
About Company: Company is the fastest growing Cyber Security Services Provider with more than 280 customers on board, an Award winning, Innovative, Visionary IT security company having customers in three different continents, helps many organisations ( Not Limited to any Industry Vertical / Domain) including Fortune 100 Companies in the World, to secure their basic security infrastructure using latest scanning technologies, methodologies and deep expertise provide end to end information Security Services Solutions Management with customer-concentric objectives such as getting access to:
- Cyber Security Framework Implementation as per 19+ Cyber Security Compliance Standards.
- Cyber Security Policies & Procedures formulation for Stock Brokers / Banks / Corporate Organisations / SMEs and Start-ups.
- Security Assessment (VAPT) of IT Infrastructure / OT Infrastructure / Hardware devices.
- Achieving Security Controls as per Cyber Security Guidelines.
- Providing Training to the internal team on maintaining compliance.
- Security Monitoring for Threat Intelligence.
- Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application, mobile application and thick -client applications.
- Conduct Vulnerability Assessment & configuration reviews for OS, DB, Firewall, routers, Switches and other security devices/components.
- Perform manual testing of web applications, mobile applications and thick clients.
- Conduct source-code review using automated and manual approaches.
- Prepare detailed reports.
- Ensure timely delivery of status updates and final reports to clients.
- Handle Clients queries.
- Keep oneself updated on the latest IT Security news, exploits, hacks.
- Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks.
- Conduct cyber-attack simulations as part of the RED team activity. Technical Competencies
- Extensive Working knowledge of Operating systems: Windows and variants, Unix and variants, Linux and variants.
- Knowledge about Computer Networks, System Security, Firewalls, IDS, IPS and Vulnerabilities.
- Well versed in the use of ethical hacking/network scanning tools such as Burp Suite, Nipper ,Nmap, Amap, Nessus-OpenVAS, SAINT, Metasploit, Acunetix Web Application Scanner amongst others.
- One or more scripting languages like perl/php/python/bash OR one or more programming languages like C/C /Java.
- Min 2+ years of experience in penetration testing of Infra/web/mobile.
- BCA/MCA/B.Tech/M.Tech in Computers Science or Information Technology or related fields.
- Previous Hall of Fame, Bugbunty & CTF achievements are plus.
- Strong written and verbal communication skills, with a proven ability to communicate with technical staff, as well as project teams.
- Keeping pace with standards and technologies related to security.
- Pentest standards and methodologies, OWASP, NIST among others.
- Familiarity with cloud platforms (preferably Azure)
- Efficient and effective usage of Pentest tools as well as demonstrate less dependency on tools.
- Proactive interest in emerging technologies and techniques related to penetration testing.
- OSCP and other equivalent cyber security certifications preferred.