Job
Description
Role & responsibilities Orange Business is hiring for Cybersecurity Expert - Pentest for Greater Noida location. Performing (Web, mobile, Cloud-based AWS, Azure, etc.), thick-clients business solutions and infrastructure pentest as assigned by the customer Work on full assessment & revalidation cases within customer defined timelines. Handling report creation based on pentest outcome as per customer template Develop new test cases, scenario & able to perform API pentesting Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems | Provide results report and help team to evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation | Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities Perform source code review & configurations reviews against CIS benchmarks and security standards Participating in end user calls with customer for requirement gathering, explanation of findings, technical discussions. Preferred candidate profile Mandatory skill set Proficiency in Pentest tool such as using Burp suite and Kali Linux Proficiency in Python and Java, JavaScript, and Other coding languages • Good experience in performing security penetration testing and vulnerability assessment for internal, external web & mobile applications, wireless networks and IT infrastructure, end-points, cloud etc. Experience in testing diverse infra components including various enterprise platforms such as private clouds, Openshift infra, dockers/container infra etc. Experience in Source code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews Knowledge on Web-based applications and services (SOAP/REST) Well versed in writing reports, test cases etc. OSCP/ OSWP / OSCE certification (preferred), SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester Secondary skill set Knowledge on Azure & scripting language Nice to have knowledge on other hacker tools;Appscan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper.
