Consultant - Security

Job Responsibilities:
 The candidate is expected to execute & manage multiple complex and enterprise application security testing projects
 The candidate is expected to complete projects on time, coordinate with client stakeholders for issues and challenges, track delays, etc.
 The candidate is expected to gain in-depth knowledge and understanding of enterprise web applications and web services developed in various languages (i.e. Java, ASP.NET, ReactJS, etc.)
 The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis
 The candidate is expected to identify and infer the business risk posed by vulnerabilities identified and showcase prioritization of risks including solution recommendations
 The candidate is expected to engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure and post project support perspectives
 The candidate is expected to mentor and train junior resources with focus on enhancing their skill sets
 The candidate is expected to monitor their team members’ adherence to established security testing processes and organization’s policies and procedures
 The candidate is expected to conduct project reviews to ensure a thorough testing is conducted by the team
 The candidate is expected to perform technical reviews to identify errors and suggest changes to ensure highest quality of the deliverables
 The candidate is expected to identify new test cases and develop techniques to test and showcase proof of concept
 The candidate is expected to track errors made by the engineers and develop an improvement plan for them
 The candidate should be open for onsite deployments anywhere across the world as business demands

Required skill set: 6+ years of Application Security Testing Experience

 Expertise in web application security testing
 Expertise in web application security testing
 Expertise in Mobile security testing
 Experience in application architecture review
 Ability to handle difficult situations and to provide alternative solutions or workarounds
 Experience in training and mentoring other team members
 Good verbal and written communication skills with the ability to talk to both business teams and technical teams

Preferred skill set:

• Expertise in web and mobile application security testing
• Security certifications such as CREST, GWAPT, GPEN, OSCP, ECSA, etc.
• Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.)
• Flexible and creative in helping to find acceptable solutions for customers
• Ability to work on multiple complex assignments simultaneously
• Ability to work independently with minimal oversight and in teams
• Experience with leading and guiding a team of security engineers
• Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.
• Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.