Vapt manager

Posted: Aug. 22, 2020, 7:49 a.m. - Full Time - Mumbai

Vulnerability Assessment & Penetration Testing (VAPT) -OSCP Certified

Network VAPT

The candidate must have deep experience in carrying out VAPT of the following network elements: Firewalls Core routers Core switches Wi-fi networks * Windows servers

Web Application VAPT

Candidate must have strong experience in carrying out web application based VAPT including that of web crawling and building custom scripts for SQL injection and browser exploitation.

Mobile Security

The candidate must be adept at carrying out mobile security testing covering aspects like app VAPT, Mobile app server VAPT and preferably some knowledge of mobile code review for popular platforms like IOS/Android.

Cloud Infrastructure & Application Security

  • Infrastructure Vulnerability scans
  • API testing
  • Micro services testing
  • Platform specific testing experience would be an added advantage (e.g. VA PT of AWS, Azure)

Tools Experience

  • Nmap
  • Nessus
  • Burp suite
  • Masscan
  • Accunetix
  • Air crack ng
  • Air Snort
  • Metasploit
  • Maltego
  • Shodan
  • OWASP ZAP
  • ADB
  • IPAD file explorer
  • Kali Linux
  • Wireshark
  • Live CD’s like Kitana

Scripting and coding experience (optional – good to have)

  • Python
  • PHP
  • BASH

Services Specific Experience : #2 Red Teaming Skills

The candidate must have reasonable experience in conduct of red teaming campaigns such as;

  • Phishing campaigns
  • Perimeter breach testing
  • AD compromise
  • Web Application compromise and Exfil
  • WAF by passing
  • EDR bypass testing
  • Payload development using KALI/Cobalt Strike etc.
  • An added advantage would be skills around custom malware development

Sales support Skills & Project Management

The candidate is expected to have the following skills:

Sales Support

  • Carry out internal risk clearance and management processes for client
  • Assist senior management in research and writing technical white papers

Project Management

  • Tracking time charged on projects
  • Oversee activities and work with project team members on a hands on model to ensure quality delivery
  • Be the first point for client for status update meetings and project escalations
  • Build project presentations and audit reports
  • Discussions of draft audit report for stakeholder buys in (in case of audit assignment)

Team development

  • Support managers in Building excellent and simplified training materials to train client teams and Junior team members
  • Conduct knowledge sharing sessions for the teams below them on a monthly basis

Key soft skills and other requirements

  • The candidate is expected to have excellent analytical skills and report writing skills to ensure that deliverables for all assignments are well accepted by the clients.
  • The candidate is also expected to have excellent presentation making skills to ensure that report summaries are made into succinct theme based presentations to senior management.
  • The candidate may be required to travel for short to long term assignments depending on client requirement.
  • Must have been in a client facing role in addition to a technical role.
  • Must have managed mid-level stakeholders at client (VP level, CISO, and Audit leads)