Vapt analyst

Posted: March 5, 2022, 1 p.m. - Full Time - Mumbai

We are looking for passionate Information Security Professionals to help us keep growing. If you're excited to be part of a winning team, Cyberkalki Security & Advisory Services is a perfect place to get ahead.

Job Title : Vulnerability Assessment and Penetration Testing Intern

Location : Remote / Hybrid

Job Overview

We are seeking a Vulnerability Assessment and Penetration Testing (VAPT) intern to join our dynamic Security Testing dream team and take lead in performing security testing of applications, networks and infrastructures, including vulnerability assessments, penetration testing and manual testing techniques. Hands-on role that also requires oversight and mentoring of a team of junior security penetration-testers

Job Responsibilities Manual and automated security testing of Web applications, APIs, and Mobile Applications. Static and Dynamic testing (SAST & DAST) of Thick clients / applications Develop Proof-of-Concept (PoC) for the identified vulnerabilities. Provide remediation guidance to identified vulnerabilities. Develop and execute security testing project plans. Incorporate metrics providing comprehensive insight about the security posture of an organization that will help senior management with decision making. Build and maintain strong relationships with key stakeholders. Technical Skillsets (Mandatory) Hands on experience in Penetration Testing Strong analytical and problem-solving skills and the ability to explain complex technical concepts in a clear and concise manner and to provide remediation recommendations. Knowledge of / or experience with both Enterprise and open-source offensive security tools for reconnaissance, scanning, exploitation Sound understanding of security frameworks (OWASP Top 10, NIST, MITRE ATT&CK) Technical Skillsets (Preferred) Proficiency in programming language(s) (e.g. Python, Ruby, Perl, PowerShell) Exposure to DevSecOps, Security Architecture review and Network Security assessment would be a bonus. Hands-on experience in Red Team Exercises, Threat Hunting, OSINT and Threat Modelling

Non-Technical Skillsets

Estimate Project efforts and meet delivery milestones and deadlines Excellent and effective report writing and verbal communication skills Deliver results within stipulated time-lines Team Player with good interpersonal skills Should be able to work independently with minimum and least supervision in complex, dynamic and challenging environment. Self-driven and self-managed technical team leader. Communicate project requirements and influence stakeholders with minimal supervision. Education and Certifications Industry recognized certifications (Eg: OSCP, CREST, eWPT, GXPN, GPEN, Cloud Certifications and other well acknowledged security certifications) preferred