Security analyst - red teamingPosted: July 29, 2023, 6:19 a.m. - Full Time - Mumbai
We are seeking a Security Analyst (Red Team) to join our dynamic Security Testing dream team and take lead in performing red teaming assessments. Hands-on role that also requires oversight and collaboration with team of security analysts.
Job Responsibilities Deliver Red Team Exercises Conduct state-of-the-art penetration testing against web applications, network infrastructures, user workstations, network appliances and other devices and technologies. Manual and automated security testing of Web applications, APIs, and Mobile Applications. Static and Dynamic testing (SAST & DAST) of thick clients / applications Develop Proof-of-Concept (PoC) for the identified vulnerabilities. Provide remediation guidance to identified vulnerabilities. Develop and execute security testing project plans. Incorporate metrics providing comprehensive insight about the security posture of an organization that will help senior management with decision making.
Technical Skillsets (Mandatory) Write offensive security software such as: backdoors, keyloggers, password dumpers, spear phishing payloads, and webshells Knowledgeable about the cyber kill-chain, and can demonstrate that he or she can: persist on a machine, escalate privileges, steal credentials and move laterally on other machines Find and exploit vulnerabilities in web applications, network services and enterprise network infrastructures Write in at least two of the following programming languages: C, Golang, Ruby and Python Experienced and knowledgeable in reading Java, C#, C, PHP, Objective C Experienced with databases: MySQL, Postgresql, Oracle Experienced with security tools: Burp proxy, Metasploit, Nessus, Kali, and others Sound understanding of security frameworks (OWASP Top 10, NIST, MITRE ATT&CK)