Penetration tester

Posted: July 24, 2020, 7:33 a.m. - Full Time - Bangalore

EY Bengaluru team is looking for a Security consultant / Analyst with the following skill sets:

  • Ability to conduct penetration testing on network infrastructure
  • Ability to plan and create penetration testing methods, scripts and tests
  • Ability to conduct security testing on web / mobile applications
  • In-depth knowledge of OWASP top 10 and other known web vulnerabilities
  • In-depth understanding of web application security and secure coding practices
  • Ability to perform manual Source Code Review (ASP.NET, C#, SQL etc.)
  • Experience in working on any Cloud technologies like Azure, AWS etc.
  • Ability to write security review reports which quantify and communicate the risk appropriately to the clients
  • Ability to collaborate with clients to create remediation strategies that will help improve their security posture
  • Basic knowledge of any scripting languages (Powershell and Python preferred) / programming languages will be an added advantage
  • Basic understanding of DevOps and DevSecOps is an added advantage
  • Experience in Threat modelling of applications
  • OSCP certification is a requirement
  • Other security certifications (optional) will be an added advantage
  • Good Communication skills
  • Ability to work in a team and be a contributor
  • Must have adaptability and flexibility