Job Description
Required Technical Skill Set:
Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing
Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities
Should be aware of tools like HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools
Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest.
Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)
Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets
Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools
Map out a network, discover ports and services running on the different exposed network and security devices
Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts.
Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage
Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM)
Required Functional Skill Set:
Good interpersonal skills (written and oral communication) and ability to articulate complex issues
Ability to communicate technical information clearly and concisely, commensurate with the audience
Conceptual thinking and communication skills the ability to conceptualize complex business and technical requirements into comprehensible models and templates.
Good communicator (written and verbal) and listener.
Must be a team player and motivated self-starter with ability to work independently with limited supervision.
Must be assertive, methodical and detail oriented
Certifications:
Mandatory - CEH, ECSA, LPT (any one)
Preferred OSCP, OSWE
About Company
We are the global engineering and technology solutions company devoted to delivering knowledge that matters to help clients compete, innovate and propel forward along the digital continuum.
Our legacy expertise in embedded systems, enterprise applications and testing is a powerful complement to competencies in digital engineering, including cloud, IoT and cybersecurity, as well as data engineering services such as AI/ML and analytics.
Results-driven: Whether precision, sound product design, faster development, or other business-critical outcomes are desired, our metrics-based project and quality management tools, methodologies and frameworks are designed to consistently enhance performance benefits, reduce risk and provide predictable results.
Right-sized: We’re small enough to be nimble, flexible and accessible from the top down, plus have the resources, experience and judgement to have been trusted for engagements from a top-tier clientele around the globe for 30 years and counting. View history
Ready: We’re ready to work for you – and with you – to help you keep pace as you seek to ensure continued relevance for the future. If you are aiming to adapt to digitalization, strike a balance between quarterly growth and innovation, optimize R&D spend and business operations, or manage shorter development and deployment life cycles, we’d appreciate connecting with you to explore how we can help you deliver upon your core business objectives
