Job Description

Location: Building No 12D, Floor 5, Raheja Mindspace, Cyberabad, Madhapur, Hyderabad - 500081, Telangana, India Responsibilities Hands-on position involving penetration testing activities of Products (IOT & IIOT), complex applications, operating systems, wired and wireless networks, and mobile applications/devices Develop, maintain & track security testing plans Automate DAST activities as part of SecDevops along with tools on networks, systems, and applications Develop metrics to reflect the security posture of the environment allowing the organization to make educated decisions based on Cyber risk Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for Pen test Team Be a Mentor and coach to provide guidance and expertise for team\'s growth Communicate security issues to a wide variety of internal and external \'customers\' to include technical teams, executives, risk groups, vendors, and regulators Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests Manage Penetration Test lab and improve its efficiencies year on year Supports all phases of the secure engineering, support, and development lifecycles in collaboration with multifunctional leaders, stakeholders, contributors, and businesses Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Foster and maintain relationships with key stakeholders and business partners Work on PSIRT activities, stakeholder management & CVE review/ analysis Required Qualifications Bachelor\'s degree or above in computer science, software engineering, or equivalent 7 - 12 Years of Penetration Testing experience for Products, Applications, Networks etc. Cross-functional and multi-domain technical aptitude Experience in application penetration testing (Embedded SW, Web, Mobile, thick client, IoT) with tools such as but not limited to...Kali Linux, Burpsuite, Metasploit, Acunetix, Nessus, etc. Have knowledge and experience in OWASP Top 10 or SANS Top 25 In-depth knowledge of development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Excellent knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS or Azure Critical thinker and problem solver Excellent organizational and time management skills Good cyber security capabilities including application protocols, development, and common attack vectors. Familiarity with fuzzing, reverse engineering tools, debuggers, and dynamic analysis techniques. Experience and knowledge of penetration testing methodologies and tools. Experience in setting up Pen testing labs, remote execution of IOT pen tests Good communication skills Desired Qualifications Experience and knowledge of penetration testing methodologies and tools Experience and understanding of Agile software development practices Good to have certifications like OSCP or GPEN Excellent communication, mentorship, change management and leadership skills Ability to script advanced attacks. Ability to \'fuzz\' applications and protocols for new vulnerabilities and able to fully exploit newly discovered vulnerabilities. Ability to discover advanced logic flaws and multiple step architectural errors. Excellent understanding of security by design principles and architecture level security concepts. Understanding of Agile software development practices Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class. Job Applicant\'s Privacy Notice: Click on this to read the Job Applicant\'s Privacy Notice

foundit