Job
Description
Role Overview: As a Penetration Tester (Individual Contributor) based in Mumbai, you will utilize your 4-8 years of experience in Information Security/ Cybersecurity to conduct Vulnerability Assessment and Penetration Testing for various applications including Web, Mobile, Client, IT Infrastructure, and Network Devices. You will also be involved in Red Team Assessment, OSINT, Purple Teaming, and other cybersecurity activities. Key Responsibilities: - Perform Internal Vulnerability Assessment and Penetration Testing for all types of applications (Client, Web, Mobile), IT Infrastructure, and Network Devices - Conduct Internal Red Team Assessment and IT/OT Cybersecurity Assessment - Support the implementation of DevSecOps - Perform Wireless and Network penetration testing - Conduct Vendor Security & Risk Assessment - Lead Cyber/ Security Incident Response, Investigation, Root Cause Analysis, and develop Corrective and Preventive Action Plans Secondary Responsibilities: - Support various Cybersecurity Projects/ Initiatives/ POCs as required - Provide information security support for projects and enquiries across the APAC Region - Assess and manage risks, vulnerabilities, threats, and compliance within the Region - Develop and improve processes to identify security concerns and remedial actions - Coordinate with Internal Teams to address critical audit findings and gaps in a timely manner Qualifications Required: - Bachelor's degree in Computer Science, Information Technology, or Engineering with experience in Information Security/ Cybersecurity - Possess at least one practical penetration testing certification (e.g., OSCP, OSWE, OSCE, SANS, eCPPTv2, eCPTX, eWPTXv2) - Optional certifications include CEH, CFIH, CISSP, CISM, CRISC Required Skills: - Proficiency in Penetration Testing using various tools and methodologies - Strong command over Kali Linux and related tools - Familiarity with NIST Cybersecurity and MITRE Framework - Experience in Open Source Intelligence (OSINT) and Red Teaming/ Purple Team operations - Knowledge of VA/PT Tools such as Nessus, Qualys, MetaSploit, WebInspect, BurpSuite, etc. - Understanding of OWASP Vulnerabilities, Phishing, Social Engineering, Privilege Escalation Techniques, and Application Security - Familiarity with Networking and IT Security Fundamentals, Vendor Security, and Risk Assessment Leadership & Soft Skills: - Lead by example on values and culture - Collaborative team player with open-mindedness - Ability to work in a multicultural environment and deal with ambiguity - Effective communication with diverse stakeholders and vendors - Proactive and able to work under pressure to ensure service quality - Proficient in document/report preparation for Penetration Testing Key Personal Attributes: - Security and Continuous Improvement Mindset - Customer-focused with strong consultative and management skills - Result-oriented with a focus on delivering on-time and in scope - Open to change and willing to challenge the status quo Please apply or share your resume at yuneeta.shende@rigvedit.com if you are interested in this Full-time, Permanent position. Benefits include a Flexible schedule, Health insurance, and Provident Fund. The work location is in person.,
