Vapt sc consultant

Posted: Oct. 12, 2021, 5:31 a.m. - Full Time - Pune

Who Are We?  

At SecureLayer7, we aim at solving challenging cybersecurity problems and hurdles faced by organizations. We bring bright minds together to provide a smooth experience in cybersecurity and achieve our vision by making organizations secure from cyber attacks. Our skilled pentesters and security engineers work on the project from a cryptocurrency exchange to IoT devices.  SecureLayer7 is maker of cybersecurity products namely AuthSafe and BugDazz.

About Job:

We send a signal -  “w00t w00t” whenever we find a critical vulnerability. Our vision brings the most talented & experienced security consultants in the industry & this right opportunity to grow professionally.  

We have a professional development training plan where you can apply for OSCP certification after completion of 6 months of Internship.  

Who are you & What You Will Do:

Yourself a passionate Pentester who knows your way around finding vulnerabilities in digital assets. You may have found the critical to low vulnerabilities or zero-days vulnerabilities responsibly disclosed & presented at conferences or infosec groups. You have submitted multiple exploits on Public exploit repository websites.

You like to create vulnerability labs for practicing the latest vulnerabilities & keeping yourself updated with the latest vulnerabilities. You like to play around with Linux, Windows machines to bypass the existing security feature by writing shell scripts or existing tools.

With SecureLayer7, you will be assigned a mission to pentest Web, Binary (RE), Mobiles apps, Source code audit, application architecture review, Cloud infrastructure (AWS, GCP, Azure), & Ethereum Smart contract audit. Somedays, you will be assigned to work on research on the latest vulnerabilities & preparing the research paper about it. You will be given to work on Red assessment for accessing physical devices to compromise the data center. Few Days, you will be performing the source code audit & ETH smart contract audit. And regularly, you will be working on Web, Mobile & infra penetration testing. Every day you will be learning something new about infosec.

Willingness to travel up to  40%  as needed. Note: Currently HIGHLY limited due to COVID-19

As Pentester, you will be responsible for writing detailed reports & providing mitigation opinions to customers. You will be mentoring a JUNIOR Security consultant.

Education Qualification:

None, we love to work with skilled & passionate people. 

Overview of Technical Skills 

2 - 5 Years of experience in OWASP top 10 - Web, Thickclient & Mobile. 

Red assessment knowledge : Social engineering & exploit development. 

Great communication skills (i.e.written and verbal) - Working in team to find vulnerabilities 

As remote work, the self-discipline to work independently. 

Knowledge of TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred 

Knowledge of at least one programming language such as java, c#, c, c++ 

Knowledge of at least one scripting language such as python, shell script, javascript and good command to write automated tools & scripts during the Pentesting process. 

Candidate Must be able to write their own tools & scripts as when required 

Advanced knowledge of multiple operating systems (Windows, Linux, BSD, etc) 

Good to have in CV & Pulse Point to Get Selected  

HacktheBox Profile  

BugBounty Profiles  

Github Link  

Personal Blogs Link  

OSCP/E, GWAPT, or GPEN certifications 

CTF Player