Security consultant

Posted: March 22, 2021, 9:50 a.m. - Full Time - Mumbai

Open positions: 6 Senior consultant, Exp : 5-7 years
3 Juniors: 2-3 years experience
Notice period: Immediate,15 days, 30,45 days Max
Share resume on

Roles & Responsibilities -

  • The major focus will be on Secure Code Review, Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.

  • The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.

  • Well versed with OWASP - Top Ten and WASC Threat Classifications

  • Expertise in Vulnerability Assessment and Penetration Testing of Web Applications

  • Business- Logic based application testing

  • Penetration testing of Mobile applications and websites.

  • Exploitation of the issues found and presenting the impact occurred

  • Source Code Reviews - Well versed in Java Secure Code Review

  • Well versed in OWASP Code Review concepts & identifiers

  • Familiar with popular tools: - Application Proxy: Burp suite, Paros, OWASP ZAP, Wireshark

  • Vulnerability Scanners: IBM App Scan, HP Web Inspect, Nessus, NTO Spider - Exploit Toolkits: Metasploit, Exploit DB etc

  • Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them

  • Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.

Skills Mandatory -

  • Static Code Analysis/Secure Code Review.

  • Application Security Testing/Penetration Testing (Web-based, Thick client, web services, Mobile)

  • Network Security Testing/Penetration Testing (Network, OS, Databases etc.)