Urgent requirement for vapt role at client site delhi locationPosted: Sept. 6, 2021, 10:20 a.m. - Full Time - Delhi
Who Are We?
At SecureLayer7, we aim at solving challenging cybersecurity problems and hurdles faced by organizations. We bring bright minds together to provide a smooth experience in cybersecurity and achieve our vision by making organizations secure from cyber attacks. Our skilled pentesters and security engineers work on the project from a cryptocurrency exchange to IoT devices. SecureLayer7 is the parent to cybersecurity products namely AuthSafe and BugDazz.
We are looking for someone who is confident and loves new challenges and opportunities to learn about SecureLayer7.
The opportunity is for Delhi location at client site.
At SecureLayer7, we offer a respectful, fun, collaborative, positive work culture that encourages growth, innovation, hard work and career progression.
Candidate should have minimum 2-4 years of experience in vulnerabilities in software systems, Web, Networks and mobile based application.
• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.
• Work closely with Application Developers/architects to track the security defects to closure
• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.
• Well versed with OWASP – Top Ten
• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
• Business‐Logic based application testing
• Penetration testing of Mobile applications and websites.
• Exploitation of the issues found and presenting the impact occurred
• Source Code Reviews
• Familiar with popular tools:
o Application Proxy: Burp suite, Paros, OWASP ZAP, Wire Shark
o Vulnerability Scanners: IBM AppScan, HP Web Inspect, Nessus, NTO Spider
o Exploit Toolkits: Metasploit, Exploit DB etc.
Required Technical Competencies.
• Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them
• Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities
• Good to have programming experience in Java, shell scripting, Perl, or Python
• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.
Skills Required (Mandatory)
• Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile)
• Network Security Testing/Penetration Testing (Network, OS, Databases etc)
• Static Code Analysis/ Secure Code Review
• Security defect Tracking and working closely with Developers to fix the issue
Candidates who have Bug Bounty Experience and have Hall of Fame will be preferred.
Penetration testing (network and web application)
Vulnerability scanning and
Professional experience or working knowledge of:
Source code analysis
Advanced network protocol manipulation
• Intelligence gathering and social engineering
• Network and web application penetration testing
• Security assessments
• Develop innovative tactics, techniques, and procedures.
• Assist in preparation of well documented reports identifying weaknesses to include mitigation strategies
• A knowledge of adversarial activities in cyberspace with an understanding of intrusion set tactics, techniques, and procedures (TTP) with the ability to emulate these TTP to assess vulnerability and risk desired
• Wireless, Network and TCP/IP skills along with Unix command, bash scripting, and / or python coding preferred
• Knowledge of at least one interpreted and one compiled programming language
• Advanced knowledge of multiple operating systems (Windows, Linux, BSD, etc.)
• Familiarity with Advanced Persistent Threat (APT) activity; Offensive attack hacker mindset preferred
• Excellent technical writing skills and attention to detail
• Able to give training and communicate vulnerabilities to developers/managers
• Ability to be agile and work in a fast paced environment
• Excellent written and verbal communication skills
• Bachelor Degree in Computer Science or equivalent.
• OSCP, CEH or other relevant industry certification