Professional 2 information security

Posted: July 27, 2020, 4:59 p.m. - Full Time - Ind - ka - bangalore

Experience and Skills Required

  • Bachelor’s degree in Computer Science, Engineering, or related field or equivalent work experience. May hold Master's or advanced degree in related field
  • 8+ years of professional experience
  • Penetration testing skills including the use of security assessment and hacker tools; e.g. BURP, AppScan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper
  • IT security knowledge
  • TCP/IP networking
  • Windows and Unix/Linux operating systems
  • Web-based applications and services (SOAP/REST)
  • Development skills, preferably including one or more of C/C++/C#, Python, Ruby, Perl, PHP, ASP, JSP, Java, Javascript/ AJAX, XML/JSON
  • Familiarity with databases; e.g. MS-SQL, MySQL, Oracle
  • Understanding of common TCP/IP protocols; e.g. HTTP, HTTPS, SMTP, Telnet, FTP, SNMP
  • Knowledge and experience of OWASP Framework/Methodology
  • Mobile Security

Core competencies & Knowledge:

  • 5+ years relevant experience in VAPT
  • Good to have OSCP / ECSA (Practical) / APT/ LPT Certified.
  • Experience with Information security concepts and design principles.
  • Familiarity with Secure Development lifecycle.
  • Experience in experience in Kali Linux and other penetration testing tools
  • Should have experience in Operating systems like Linux, Windows, web application, Virtualisation-VMWARE, network/ infrastructure security and assessments
  • Should have hands on experience in industry standard tools for port scanning, fuzz testing and vulnerability tests.
  • Experience in Web Application security testing (Black, White and grey box) and validation of the vulnerabilities.
  • Knowledge on OWASP, OSINT,Sandbox, Kali Linux, Burp suite, CVE, SSL PKI,2FA, IAM, Perimeter security, SIEM solutions.
  • Understanding on digital certificates and PKI infrastructure.
  • Good exposure in Database technologies (SQL, Oracle).
  • Good Experience in SAST, DAST (web application security),
  • Knowledge of Mobile applications security testing.
  • Updated knowledge of the latest exploits and security trends. , Dark Web , MITRE attack framework and kill chain model , APT
  • Experience with scripting and programming skills (Python, Powershell, Java, Perl, Ruby etc).
  • Good knowledge on one of the VA tools like Rapid7, Nexpose, Qualysguard, Tenable Nessus etc.

Additional attributes

  • Strong interpersonal skills promoting customer confidence in our services and in DXC;
  • Ability to manage time and prioritize work;
  • Ability to work in a high-pressure team environment;
  • Ability to pick up and understand new technology concepts, security policies, and regimes;
  • Strong communication and analytical skills and ability to identify advanced threats.
  • Ability to communicate effectively at all levels of an organization, across diverse cultural and linguistic barriers, and among a geographically distributed team.
  • Positive and constructive attitude.