Job Description

Role:

Penetration Tester (Individual Contributor)

Location

: Mumbai

Your experience

At least 4-8 years of experience in Information Security/ Cybersecurity, primarily in performing Vulnerability Assessment and Penetration Testing for Web/ Mobile/ Client Applications, IT Infrastructure and Network Devices, Red Team Assessment, OSINT, Purple Teaming, etc.

Primary Responsibilities:

Internal Vulnerability Assessment and Penetration Testing - All kind of applications - Client/ Web/ Mobile, IT Infrastructure and Network Devices Internal Red Team Assessment IT/OT Cybersecurity Assessment and Penetration Testing Supporting the implementation of DevSecOps Wireless and Network penetration testing Vendor Security & Risk Assessment Cyber/ Security Incident Response, Investigation, Root Cause Analysis, Corrective and Preventive Action Plans

Secondary Responsibilities:

Supporting various Cybersecurity Projects/ Initiatives/ POCs, as needed Providing information security support for projects and enquiries from other functions and business across the APAC Region Assessing and managing risks, vulnerabilities, threats and compliance within the Region Develop, use and continuously improve a formal set of processes by which the organization can identify various security concerns, gaps and remedial actions to ensure the appropriate IT/Cyber Security resilience Co-ordinate with Internal Teams within IT/ GDH/ Business and ensure critical audit findings and gaps are addressed in timely manner

Education / Qualification

Bachelor's degree in Computer Science, Information Technology or Engineering degree in any discipline with experience/ skills in Information Security/ Cybersecurity. Must have at least one practical/lab/challenge penetration testing certification (OSCP, OSWE, OSCE, OSEE, SANS, eCPPTv2, eCPTX, eWPTXv2, etc.); CEH/ CFIH/ CISSP/ CISM/ CRISC certifications are optional/ added advantage

Required skills:

Penetration Testing using various open source and professional tools and methodologies. Good command over Kali Linux and Tools NIST Cybersecurity and MITRE Framework Open Source Intelligence (OSINT) Red Teaming/ Purple Team operations Knowledge and Experience in VA/PT Tools like Nessus, Qualys, MetaSploit, WebInspect, BurpSuite, etc. Top 10 OWASP Vulnerabilities and Attack Vectors Phishing and Social Engineering Attack vectors Privilege Escalation Techniques Application Security/ SSDLC/ DevSecOps Networking and IT Security Fundamentals Vendor Security and Risk Assessment

Leadership & Soft skills:

Lead by example on values and culture. Open-minded, collaborative and an effective team player. Ability to work in a multicultural and diverse team. Driven for success and aspiring to a culture of service excellence, always putting the customer, our people and our business at the center of everything he/she does. Ability to deal with ambiguity. Ability to communicate openly and effectively with many diverse stakeholders, with external vendors and auditors, and with staff. Ability to work proactively and under pressure considering the criticality required to ensure the right quality of service for the business. Document/ report preparation for Penetration Testing

Key Personal Attributes

Security and Continuous Improvement Mind-set Business focused, Customer & Service minded Strong Consultative and Management skills Confident in advising, developing and articulating solution Result oriented and with a work ethic of delivering on-time and in scope Open to Change and Attitude to challenge the Status Quo, as needed

Interested candidates kindly Apply or share your resume at yuneeta.shende@rigvedit.com

Job Types: Full-time, Permanent

Pay: ₹246,884.90 - ₹1,497,845.54 per year

Benefits:

Flexible schedule Health insurance Provident Fund
Work Location: In person