Information Security Auditor

Job Description: Information Security Auditor

Location- Andheri or any client
Position: Senior Associate Information Security Employment Type: Full-time

Key Responsibilities:

• Conduct vulnerability assessments and penetration tests on web applications, networks, infrastructure, and mobile applications to identify security weaknesses.
• Perform detailed risk analysis and provide actionable remediation steps based on findings.
• Engage in manual and automated testing using industry-standard tools (e.g., Burp Suite, Nessus, Metasploit, Nmap, Kali Linux, etc.).
• Document and communicate the results of assessments clearly, including the severity of the vulnerabilities, recommended mitigations, and overall security posture.
• Stay up-to-date with the latest security threats, vulnerabilities, and tools, ensuring testing methodologies remain current.
• Conduct risk assessments and security audits to ensure compliance with industry standards (e.g., OWASP Top 10, NIST, CIS).
• Perform threat modeling to identify potential attack vectors in system architectures and designs.
• Perform advanced exploitation techniques (buffer overflows, reverse engineering, etc.).
• Cloud security and penetration testing methodologies for platforms like AWS, Azure, and GCP.
• Secure hardening configuration review of infrastructure systems and Cloud environment
• Assist in preparing security reports for clients and senior management.

Skills & Qualifications:

• Experience: 3-5 years of hands-on experience in penetration testing, vulnerability assessments,security auditing, source code review, red teaming etc.
• Technical Expertise:
• Strong knowledge of common web application vulnerabilities (e.g., SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), etc.).
• Proficiency with penetration testing tools like Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit, etc.
• Experience with vulnerability management systems and reporting tools.
• Familiarity with both manual and automated testing techniques.
• Strong knowledge of operating systems (Linux, Windows) and networking protocols.
• Certifications (Preferred):
• Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH)
• Any additional certifications in cybersecurity or penetration testing.

How to Apply:

Interested candidates are invited to submit their resume and cover letter to [Pallavi.kulkarni@anbglobal.com]. Please include "VAPT" in the subject line.

Equal Opportunity Employer:

ANB is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

For more information about our company and culture, visit https://anbglobal.com/