Associate cyber security consultant

Posted: April 28, 2023, 12:54 p.m. - Full Time - Remote

Security Brigade is looking for a talented Associate Cyber Security Consultant who will be responsible for security assessments and penetration testing of application and enterprise environments as well as security research and development of security tools, processes and testing methodologies.

**Key Tasks and Responsibilities

Perform web/mobile application security testing, vulnerability assessments, source code reviews, configuration reviews, cloud security, API security testing

Profile an application, identifying threats, and developing test cases to target identified threats in application built with frameworks like React, Django, etc

Identify and exploit vulnerabilities in applications and networks

Manage project timelines, deadlines and expectations - including customer interactions

Prepare reports documenting identified issues based on internal templates

Interact with customers in a collaborative consultative manner to deliver results, provide feedback and remediation recommendations on findings

Research emerging security topics and new attack vectors

Write tools and scripts to automate technical processes and make audits more efficient

Requirements In-depth understanding of security issues, exploitation techniques and remediation measures

Ability to follow an in-depth manual testing process and not just run automated tools and copy paste results

Development knowledge of any current programming languages

Strong understanding of application and network security

Strong oral and written communication skills

Involvement in software community via OWASP, WASC, Null , ClubHack and/or open source development is highly desirable

Track record speaking at major security conferences such as OWASP Appsec, SANS Appsec, and Blackhat, Nullcon is highly desirable

Basic understanding of latest tools like Burp Proxy, Acunetix, SQLmap, Nmap, Nessus

Candidate Profile / Criteria :

TLDR - Passion > Education

We don't require a B Tech or BSc degree, but plenty of the team has them. We always look at capabilities and experience first. Candidates with published advisories, tools, research papers, generally anything that can demonstrate you know your stuff when it comes to web and mobile applications will be preferred.

About Security Brigade

Security Brigade is a pure-play information security consulting firm specializing in delivering high quality services through expert driven manual testing. Founded on the core belief that "Great audits are done by great auditors - not expensive tools", Security Brigade's approach is built around strong processes that enable auditors to conduct in-depth manual security audits. Security Brigade is based out of Mumbai, India and was founded in December 2006. It conducts thousands of audits a year for organizations such as:MakeMyTrip, Network 18, Tata Group, HDFC, Vodafone, IRDA, Reliance Money, Netmagic Solutions among many others.

For more information, visit