Your role
Key Responsibilities
- Performing pentests of web, mobile, cloud-based (AWS, Azure, etc.) and thick-client business solutions and infrastructure, as assigned by the customer
- Work on full assessment & revalidation cases within customer-defined timelines.
- Handling report creation based on pentest outcome as per customer template
- Develop new test cases and scenarios, and perform API pentesting.
- Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems
- Provide a results report and help the team evaluate, code and implement software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation
- Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities.
- Perform source code reviews & configuration reviews against CIS benchmarks and security standards.
- Participating in end-user calls with the customer for requirement gathering, explanation of findings and technical discussions.
Your profile
Education, qualifications, and certifications
- Degree / Diploma Holders with good knowledge in pentest domain.
- Excellent verbal & written communication skills in English language
Mandatory skill set
- Proficiency in pentest tools such as Burp Suite and Kali Linux
- Proficiency in Python, Java, JavaScript and other coding languages
- Good experience in performing security penetration testing and vulnerability assessment.
- Experience in testing diverse infrastructure components, including various enterprise platforms such as private clouds, OpenShift infrastructure, Docker/container infrastructure, etc.
- Experience in Source code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews
- Knowledge of web-based applications and services (SOAP/REST)
- Well versed in writing reports, test cases etc.
- / OSWP / OSCE certification (preferred), SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester.
Secondary skill set
- Knowledge of Azure & scripting languages.
- Nice to have: knowledge of other hacker tools: AppScan, Fortify, Wireshark, nmap, netcat, ZAP, Firebug, Nessus, John the Ripper.
What makes this offer stand out
Experience
Minimum of 5+ years of related work experience in customer-facing organizations within the pentest domain.
Entity
Global Delivery & Operations
Orange Business manages and integrates the complexity of international communications, freeing our customers to focus on the strategic initiatives that drive their business. Our extensive experience and knowledge in global communication solutions, together with our understanding of multinational business and local support in 166 countries and territories, ensure that our customers receive a consistent, global solution wherever they do business.