INFORMATION SECURITY - JOB DESCRIPTION
Technical Skills :
- Vulnerability Assessment (VA)
- Penetration Testing (PT)
- Web Application Security Testing
- Mobile Application Security Testing
- Thick client and Web services Security Testing
- Wi-fi Network Assessment
- Strong knowledge of security assessment tools e.g. Nessus, Acunetix, Appscan, nmap, Kali Linux etc.
- Strong knowledge of Operating systems preferably Linux / UNIX (IBM IAX, Sun Solaris, HP UX etc.) and network equipments
- System and Network Hardening
- Network Security Architecture Review
- Red Teaming/Purple Teaming
- Social Engineering, Phishing Attacks
- Malware and malicious code analysis
- Source Code Review
- Knowledge of Telecommunication Network and/or banking network would be preferred
- Knowledge of Supervisory control and data acquisition (SCADA) systems and Industrial control system (ICS)
Process Skills :
- Information Security Reviews
- Risk Assessment & Management
- Vendor security reviews
- SOC/NOC Review
- Network/Servers Change and Configuration Management Review
- Cyber Security Drills
- System and Process review around below IT enablers:
- NAC Review
- DLP
- Anti-Virus
- Domain Controller
- Email Security
Certifications :
- CISSP
- CEH
- ECSA
- CCSP
- OSCP/OSCE
- CCSK
- Cyber Security Nexus (CSX)
- GSEC
- GPEN
- ISO 27001 LA / LI
- CISA / CISM
Experience :
- 2+ years- experience in the related field, preferably with a consulting firm and in a Banking or Telecom domain
- Hands on experience related to conducting VAPT along with manual verification and exploitation, Web/Mobile application security testing, configuration review of operating systems, databases, network security devices, various security solutions such as WAF, SIEM, Email Security, Firewalls, IPS/IDS etc.
- Either one of the above certification, preferably in core security such as OSCP/OSCE, CEH/ECSA
Didn’t find the job appropriate? Report this Job