Nangia Andersen LLP - Associate/Senior Associate - IT Audit

Job Description

- Conduct vulnerability assessment and penetration testing for network, servers, and other infrastructure

- Conduct application security assessment of web applications, mobile applications, thick-client application and API

- Conduct configuration reviews for Operating System, Database, Middleware, Firewall, Routers, Switches and other infrastructure.

- Ensure timely execution of projects and final reports to clients

- Handle client queries

- Stay abreast of the latest updates in technology, security trends, vulnerabilities, exploit techniques and security news

Desired Candidate profile

- Hands-on experience of conducting security assessments of Web Applications, Mobile Applications, Web Services/APIs, Thick-client

- Experience in tools such as burpsuite, nessus, nmap, acunetix, metasploit, checkmarx, etc.

- Experience with Open Web Application Security Project (OWASP),SANS, Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.

- Ability to explain technical vulnerabilities to both technical and non technical audience highlighting business risk.

- Knowledge of at least one cloud technology (AWS, Azure, GCP) is a plus

- Good understanding of coding best practices and standards.

- Good knowledge of at least one of the following programming/scripting languages viz. python, ruby, C#, powershell, C/C++, Java

- Good communication skills

- Critical thinking and good problem-solving abilities.

- Organized in planning and time management skills are preferred.

- At least one Certification such CEH, OSCP, CISSP, CISA is essential.