Senior security analyst - vapt

Posted: Nov. 13, 2021, 6:15 a.m. - Full Time - Ahmedabad

Key responsibilities:

• Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application, mobile application and thick -client applications. •Conduct Vulnerability Assessment & configuration reviews for OS, DB, Firewall, routers, Switches and other security devices/components.
• Perform manual testing of web applications, mobile applications and thick clients.
• Conduct source-code review using automated and manual approaches.
• Prepare detailed reports.
• Ensure timely delivery of status updates and final reports to clients.
• Handle Clients queries.
• Keep oneself updated on the latest IT Security news, exploits, hacks.
•Prepare Threat Intelligence reports for newly discovered threat agents, exploits,
attacks.
• Conduct cyber-attack simulations as part of the RED team activity.

Technical Competencies

• Extensive Working knowledge of Operating systems: Windows and variants, Unix and variants, Linux and variants.
• Knowledge about Computer Networks, System Security, Firewalls, IDS, IPS and Vulnerabilities.
• Well versed in the use of ethical hacking/network scanning tools such as Burp Suite, Nipper ,Nmap, Amap, Nessus-OpenVAS, SAINT, Metasploit, Acunetix Web Application Scanner amongst others.
• One or more scripting languages like perl/php/python/bash OR one or more programming languages like C/C /Java.

Experience Required:

• Min 2+ years of experience in penetration testing of Infra/web/mobile.
• BCA/MCA/B.Tech/M.Tech in Computers Science or Information Technology or related fields.
• Previous Hall of Fame, Bugbunty & CTF achievements are plus.
• Strong written and verbal communication skills, with a proven ability to communicate with technical staff, as well as project teams.
• Keeping pace with standards and technologies related to security.
• Pentest standards and methodologies, OWASP, NIST among others.
• Familiarity with cloud platforms (preferably Azure)
• Efficient and effective usage of Pentest tools as well as demonstrate less dependency on tools.
• Proactive interest in emerging technologies and techniques related to penetration testing.
• OSCP and other equivalent cyber security certifications preferred.