Attack Surface Reduction Analyst

As a consulting company passionate about technology, design, and quality, we take pride in our diverse and inclusive workplace that values each individual for their unique contributions. We believe in the power of collaboration and knowledge sharing to deliver exceptional services to our clients. If you are someone who is eager to join a dynamic team and grow professionally, we welcome you to be a part of our journey. We are currently looking for a skilled and experienced Attack Surface Reduction Analyst to join our cybersecurity team. In this role, you will play a crucial part in identifying and mitigating security risks across our systems, applications, and network infrastructure. Your responsibilities will include conducting vulnerability assessments and penetration tests, managing vulnerability processes, coordinating third-party testing engagements, and collaborating with various teams to enhance our overall security posture. Key Responsibilities: - Conducting comprehensive vulnerability assessments and penetration tests on systems, applications, and networks. - Identifying and evaluating security vulnerabilities using industry-standard tools and methodologies. - Designing and implementing vulnerability management processes and driving effective remediation strategies. - Managing third-party penetration testing engagements and ensuring alignment with security objectives. - Collaborating with IT and business teams to prioritize and address identified risks. - Contributing to the development and upkeep of security policies, procedures, and standards. - Monitoring systems for unauthorized access, suspicious activities, and emerging threats. - Keeping abreast of evolving cybersecurity trends, threat landscapes, and best practices in attack surface reduction. Required Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - 4 to 5 years of hands-on experience in vulnerability scanning, penetration testing, and vulnerability management. - In-depth knowledge of common vulnerabilities and exposures (CVEs) and attack vectors. - Proficiency with tools like Kali Linux, Qualys, Burp Suite, and other VA/PT platforms. - Familiarity with security frameworks and standards such as NIST, OWASP Top 10, CIS Controls. - Strong analytical and problem-solving skills. - Excellent written and verbal communication skills, with the ability to communicate technical issues to non-technical stakeholders. Preferred Certifications: - OSCP, OSEP, SANS GIAC, CREST, CompTIA Security+, or similar certifications are a plus but not mandatory. If you are ready to make an immediate impact and take on great responsibilities in your cybersecurity career, we encourage you to apply to join our team based in Bangalore. This is a full-time position with a 6 months probationary period. We conduct interviews on an ongoing basis, so don't hesitate to submit your application.,