Sr.Sec Consultant

Detailed JD:

• In depth knowledge on OWASP, WASC, NIST
• Experienced in the Vulnerability Assessment & Penetration Testing of,
• Web Application Security Testing
• API Security
• Mobile Application Security Testing (Android & iOS)
• Thick client application testing
• Network Infrastructure
• Cloud infrastructure
• Secure Code review of Web, Mobile Applications
• Good understanding of SAST and DAST tools
• Cloud security review
• Strong knowledge of the application and network architecture
• Conduct red-team assessments using social engineering, physical security compromise and       other techniques.
• Perform network penetration testing and red team exercises.
• Support network architecture reviews.
• Perform in-depth reconnaissance for any customer assets.
• good understanding of the latest red team TTP’s

Experience in the Information Security domain across various industries like Banking, Finance, Stock Exchanges, real estate, E-commerce, NBFC & Insurance organization, etc.

Ensure timely delivery of status updates and final reports to clients.

Handle client queries.

Keep oneself updated on the latest IT Security news, exploits, hacks.

Contribute technical content – chapter meetings, blog posts

Conduct internal and external training on various topics related to security assessment.

Has hands-on exposure in the following tools:

Kali Linux / Metasploit

Burp Suite / ZAP / Fiddler / Immunity Debugger / IDA Pro / Ollydbg

Checkmarx / Contrast Security

Nmap / Netsparker / Nessus / Sqlmap / Nikto

Hands-on experience on various tools in DevOps and DevSecOps ecosystem, such as Jenkins, JIRA, Github, Checkmarx, OpenShift, Twist Lock, Ansible, Gradle, etc.

Exp. Req.- Minimum 2+ yrs in Cybersecurity Assessment domain

Certification- OSCP, OSWP, OSWE ( preferred ).

Work Loc: Hyderabad /Mumbai/Bangalore