Job Description

We are looking for a skilled professional to join our organization as a Senior Security Consultant. This position will be responsible for VAPT related activities of clients' web applications.
Roles & Responsibilities

• Support remediation effort and track open issues to ensure closure of vulnerabilities.

• Follow-up on closure of identified gaps and utilize escalation matrix effectively wherever necessary.

• Perform regular audits to ensure security practices are compliant.

• Keep abreast with new technologies to ensure that the organization remains at the forefront of security.

• Managing a team of vulnerability scanners.

• Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.

• Other tasks as per client's requirements. Requirements / Key Skills

• In-depth knowledge of security issues, exploitation techniques and remediation measures.

• Hands-on Experience in Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets. o Hands-on experience with well-known security tools like BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc.

• Strong knowledge regarding mobile application security assessment (Android & iOS).

• In-depth understanding on Common Vulnerability Exposure (CVE) and CWE.

• Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).

• Perform in-depth analysis of VAPT results, ability to review assessment reports to provide risk mitigation & recommendations on that basis.

• Relevant experience of at least 3 years.

• Familiarity with OWASP Top 10, SANS Top 25 vulnerabilities along with its validations in source code and other security frameworks & Compliance.

• Good understanding of technologies such as Cloud security and recent trends. Desired Candidate Profile

• Engineering Graduate in CS, IT, EC or InfoSec, Cyber Security or MCA equivalent.

• Certifications Preferred: eJPT, CEH.

• Strong organizational, teamwork, multitasking & time management skills.

• Understanding of Thick client security assessment.

• Outstanding communication abilities. Ability to effectively communicate the required solutions.

• Ability to work under pressure & fast paced environment.

• Strong attention to detail with an analytical mindset & outstanding problem solving skills.

• Sound knowledge of MITRE ATT&CK and D3FENCE framework.

• Keen awareness of cyber security trends & attacking techniques.

Skills Required