Urgent requirement for vapt role at client site delhi location

Posted: Sept. 6, 2021, 10:20 a.m. - Full Time - Delhi

Who Are We?

At SecureLayer7, we aim at solving challenging cybersecurity problems and hurdles faced by organizations. We bring bright minds together to provide a smooth experience in cybersecurity and achieve our vision by making organizations secure from cyber attacks. Our skilled pentesters and security engineers work on the project from a cryptocurrency exchange to IoT devices. SecureLayer7 is the parent to cybersecurity products namely AuthSafe and BugDazz.

About Job:

We are looking for someone who is confident and loves new challenges and opportunities to learn about SecureLayer7.

The opportunity is for Delhi location at client site.

At SecureLayer7, we offer a respectful, fun, collaborative, positive work culture that encourages growth, innovation, hard work and career progression.

Requirement:

Candidate should have minimum 2-4 years of experience in vulnerabilities in software systems, Web, Networks and mobile based application.
• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.
• Work closely with Application Developers/architects to track the security defects to closure
• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.
• Well versed with OWASP – Top Ten
• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
• Business‐Logic based application testing
• Penetration testing of Mobile applications and websites.
• Exploitation of the issues found and presenting the impact occurred
• Source Code Reviews
• Familiar with popular tools:
o Application Proxy: Burp suite, Paros, OWASP ZAP, Wire Shark
o Vulnerability Scanners: IBM AppScan, HP Web Inspect, Nessus, NTO Spider
o Exploit Toolkits: Metasploit, Exploit DB etc.

Required Technical Competencies.
• Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them
• Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities
• Good to have programming experience in Java, shell scripting, Perl, or Python
• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.

Skills Required (Mandatory)
• Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile)
• Network Security Testing/Penetration Testing (Network, OS, Databases etc)
• Static Code Analysis/ Secure Code Review
• Security defect Tracking and working closely with Developers to fix the issue

Candidates who have Bug Bounty Experience and have Hall of Fame will be preferred.
Understanding of:
Penetration testing (network and web application)
Vulnerability scanning and
Professional experience or working knowledge of:
Source code analysis
Advanced network protocol manipulation
Social engineering

Primary Responsibilities
• Intelligence gathering and social engineering
• Network and web application penetration testing
• Security assessments
• Develop innovative tactics, techniques, and procedures.
• Assist in preparation of well documented reports identifying weaknesses to include mitigation strategies
Qualifications
• A knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk desired
• Wireless, Network and TCP/IP skills along with Unix command, bash scripting, and / or python coding preferred
• Knowledge of at least one interpreted and one compiled programming language
• Advanced knowledge of multiple operating systems (Windows, Linux, BSD, etc.)
• Familiarity with Advanced Persistent Threat (APT) activity; Offensive attack hacker mindset preferred
• Excellent technical writing skills and attention to detail
• Able to give training and communicate vulnerabilities to developers/managers
• Ability to be agile and work in a fast paced environment
• Excellent written and verbal communication skills

Education/Certifications
• Bachelor Degree in Computer Science or equivalent.
• OSCP, CEH or other relevant industry certification