Consultant - Information Security
Job Description :
- Perform Web Application security assessment .
- Perform Mobile application security assessment.
- Conduct application risk assessment / application control review
- Conduct application penetration exercise using automated tools, customized exploits and manual analysis.
- Conduct network penetration testing, system vulnerability assessment & security configuration review
- Provides analysis and validation post remediation.
Experience & Key Skills :
- 3-7 Yrs. Relevant experience
- Practical experience in manual & automated grey box application security assessment
- Practical experience in mobile application (android / iOS) security assessment
- Exposure to API security testing
- Experience in using application security assessment tools/platforms such as Burp Suite, Paros, Samurai WTF, Kali Linux, Charles, Metasploit.
- Understanding of the OWASP Top 10 application security risks.
- Knowledge of networking concepts like TCP/IP, UDP, HTTP, TLS, SSH, DNS, firewalls, etc.
- Experience of drafting web application security assessment report.
- Excellent problem solving and analytical skills; outstanding oral and written communication skills.
- Practical experience with Static and Dynamic Application Security Test (SAST/ DAST) solutions e.g. Fortify, Veracode, Checkmarx is desirable.
- Candidate with software programming background with language and tools such as Java/JavaScript; JSP; Python; PHP; ASP.Net HTML/CSS is desirable.
- Experience in conducting network penetration testing & system vulnerability assessment using VA tools (e.g. Nessus, Nexpose etc.) and VA checklist is desirable
- Basic to intermediate knowledge of SQL is desirable
- Knowledge of ISMS is desirable
Didn’t find the job appropriate? Report this Job