Professional 2 information security
Posted: July 27, 2020, 4:59 p.m. - Full Time - Ind - ka - bangalore
Experience and Skills Required
- Bachelor’s degree in Computer Science, Engineering, or related field or equivalent work experience. May hold Master's or advanced degree in related field
- 8+ years of professional experience
- Penetration testing skills including the use of security assessment and hacker tools; e.g. BURP, AppScan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper
- IT security knowledge
- TCP/IP networking
- Windows and Unix/Linux operating systems
- Web-based applications and services (SOAP/REST)
- Familiarity with databases; e.g. MS-SQL, MySQL, Oracle
- Understanding of common TCP/IP protocols; e.g. HTTP, HTTPS, SMTP, Telnet, FTP, SNMP
- Knowledge and experience of OWASP Framework/Methodology
- Mobile Security
Core competencies & Knowledge:
- 5+ years relevant experience in VAPT
- Good to have OSCP / ECSA (Practical) / APT/ LPT Certified.
- Experience with Information security concepts and design principles.
- Familiarity with Secure Development lifecycle.
- Experience in experience in Kali Linux and other penetration testing tools
- Should have experience in Operating systems like Linux, Windows, web application, Virtualisation-VMWARE, network/ infrastructure security and assessments
- Should have hands on experience in industry standard tools for port scanning, fuzz testing and vulnerability tests.
- Experience in Web Application security testing (Black, White and grey box) and validation of the vulnerabilities.
- Knowledge on OWASP, OSINT,Sandbox, Kali Linux, Burp suite, CVE, SSL PKI,2FA, IAM, Perimeter security, SIEM solutions.
- Understanding on digital certificates and PKI infrastructure.
- Good exposure in Database technologies (SQL, Oracle).
- Good Experience in SAST, DAST (web application security),
- Knowledge of Mobile applications security testing.
- Updated knowledge of the latest exploits and security trends. , Dark Web , MITRE attack framework and kill chain model , APT
- Experience with scripting and programming skills (Python, Powershell, Java, Perl, Ruby etc).
- Good knowledge on one of the VA tools like Rapid7, Nexpose, Qualysguard, Tenable Nessus etc.
- Strong interpersonal skills promoting customer confidence in our services and in DXC;
- Ability to manage time and prioritize work;
- Ability to work in a high-pressure team environment;
- Ability to pick up and understand new technology concepts, security policies, and regimes;
- Strong communication and analytical skills and ability to identify advanced threats.
- Ability to communicate effectively at all levels of an organization, across diverse cultural and linguistic barriers, and among a geographically distributed team.
- Positive and constructive attitude.