Senior security analyst vapt

Posted: May 10, 2022, 9:07 a.m. - Full Time - Ahmedabad

Key responsibilities:

• Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application, mobile application and thick-client applications. •Conduct Vulnerability Assessment & configuration reviews for OS, DB, Firewall, Routers, Switches and other security devices/components. • Perform manual testing of web applications, mobile applications and thick clients. • Conduct source-code review using automated and manual approaches. • Prepare detailed reports. • Ensure timely delivery of status updates and final reports to clients. • Handle Clients queries. • Keep oneself updated on the latest IT Security news, exploits, hacks. •Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks. • Conduct cyber-attack simulations as part of the RED team activity.

Technical Competencies

• Extensive Working knowledge of Operating systems: Windows and variants, Unix and variants, Linux and variants. • Knowledge about Computer Networks, System Security, Firewalls, IDS, IPS and Vulnerabilities. • Well versed in the use of ethical hacking/network scanning tools such as Burp Suite, Nipper ,Nmap, Amap, Nessus-OpenVAS, SAINT, Metasploit, Acunetix Web Application Scanner amongst others. • One or more scripting languages like perl/php/python/bash OR one or more programming languages like C/C /Java.

Experience Required:

• Min 2+ years of experience in penetration testing of Infra/web/mobile. • BCA/MCA/B.Tech/M.Tech in Computers Science or Information Technology or related fields. • Previous Hall of Fame, Bugbunty & CTF achievements are plus. • Strong written and verbal communication skills, with a proven ability to communicate with technical staff, as well as project teams. • Keeping pace with standards and technologies related to security. • Pentest standards and methodologies, OWASP, NIST among others. • Familiarity with cloud platforms (preferably Azure) • Efficient and effective usage of Pentest tools as well as demonstrate less dependency on tools. • Proactive interest in emerging technologies and techniques related to penetration testing. • OSCP and other equivalent cyber security certifications preferred.