Responsibilities:
- Conduct vulnerability assessment and penetration testing with automated tools and provide recommendations for mitigating the vulnerabilities found
- Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools
- Map out a network, discover ports and services running on the different exposed network and security devices
- Conduct penetration tests and launch exploits using Nessus, Metasploit, and the BackTrack penetration testing distribution tool sets
- Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
- Analyze scan reports and suggest remediation/mitigation plan
- Keep track of new vulnerabilities on various network and security devices for different vendors
- Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices
- Advanced technical analysis on intrusions
- Audit configuration of Network and Security devices
- Provide rich client-specific reports
- Experience in network vulnerability scanning and penetration testing
- Experience with Nessus, Netcat, Nmap, BackTrack, Metasploit, hping, and similar tool sets such as Retina, Qualys, and McAfee (Foundstone)
Core Skill Set required:
- Overall experience in the field of information risk and security related initiatives/projects
- Ability to understand business concepts and integrate business risk elements into security operations.
- Good communication and interpersonal Skills
- Experience in conducting VAPT
- Experience of working independently & as a team player
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, NTOSpider, Burp Suite Pro)
- Strong ethics and understanding of ethics in business and information security
- Should have exposure to Code review, Network VA/PT and App VA/PT work
- Understanding and familiarity with common code review methods and standards
- Experience with code scanning toolsets such as Fortify and Ounce
- Knowledge of OWASP tools and methodologies
- Understanding of HTTP and web programming
- Knowledge of common security requirements within ASP.NET applications
- Knowledge of standard SDLC practices
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)
- In-depth understanding of the Common Vulnerabilities and Exposures (CVE) and CERT advisory databases
Qualifications:
- Bachelors in Engineering, BTech/BE, BCA
- Masters in Business Administration/ Masters in Software engineering/ M.Tech / Masters in Cyber Law
- Professional certifications - CISA/ CISSP/ CISM Preferred