Head - IT Security & Testing Practice

Head (IT) Security & Testing Practice

Job Description :

Head (IT) Security & Testing Practice - for a Professional Services Firm based at Mumbai.

B.Tech/M.E./MCA - Computer Science/IT qualified candidate with 7-10 Years of Relevant

Experience in Security Vulnerability Assessment & Penetration Testing (VAPT) - having good exposure on OWASP, CWE /SANS top Most Dangerous Software Errors, and Center for Internet Security (CIS) Benchmarks, cloud security assessment, ISO27001 etc.

Roles & Responsibilities :

- Lead security testing practise in the company

- Build Security testing team with right skillsets, mentor junior security staff

- Understand client security challenges and provide solutions accordingly

- Design test plan and perform effective security testing

- Automate penetration and other security testing on networks, systems and applications

- Perform vulnerability assessment for network, web applications, DB, mobile applications, and thick-client application.

- Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.

- Conduct configuration reviews for OS, DB, Firewall, Routers, Switches, Wireless Networks, and other infrastructure components.

- Develop comprehensive and accurate reports and presentations for both technical and executives.

- Ensure timely delivery of status updates and final reports to clients.

- Research new attack vectors and implement the same in methodology.

- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.

- Recognize and safely utilize attacker tools, tactics, and procedures

- Develop scripts, tools, or methodologies to enhance K&P red/blue teaming processes.

- Assist with scoping prospective engagements, leading engagements from kick-off through remediation, and mentoring less experienced staff.

This is a client facing role - hence the person must bring in client servicing orientation & hands-on approach towards deriving value-addition solutions.

This is a leadership role reporting directly into functional Director of Information Security Practice & would have an opportunity to scale the practice and build & grow the team.

The CTC offered for the role in in the range of Rs 25-30 LPA (inclusive of variable) which may be flexed to some extent for a deserving candidate.