Job
Description
Job Description in brief including Roles & Responsibilities : Perform periodically system and application VAPT (Vulnerability Assessment and l Penetration Testing) using automated and manual approach. Perform asset and network discovery activities, helping ensure full coverage of the vulnerability discovery. Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and asset. Identify and test vulnerabilities in the areas of the information system and networks security. Conduct and compile findings on new vulnerabilities, new tools for departmental use. Create project deliverables /reports and assist the immediate supervisor during submissions and client discussions. Performing assessment related to Red Teaming, Network Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Secure Code review, AD Security Assessments, Vulnerability Management, Social Engineering Assessments,Wireless Penetration Testing. Mandatory Skills required for the role: Hands on experience with Vulnerability Assessment and Penetration testing of thick & thin client-based applications, Operating systems, edge devices and firewalls. Research, recommend, evaluate and implement information security solutions that identify and and/ or protect against potential threats, and respond to security violations, misuse of resources or noncompliance situations using defined escalation processes. Strong Experience of using open-source tools and commercials tools such as but not limited to Burp Suite, Metasploit, Nessus, Acunetix, Checkmarx, and Nexpose with operating systems Windows and Linux. Expertise and experience of conducting VAPT (Vulnerability Assessment and Penetration Testing) as per standards such as OWASP Top 10, SANS Top 25 and WASC, NIST. Perform research on new vulnerabilities, attack vectors, exploits, tools and industry trends services. Provide offsite and on-site consulting services to our customers. Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other douments/templates. Well familiar with basics of TCP/IP and Networking principles. Extensive Working knowledge of Operating systems: Windows NT/2K3/XP and Linux or any Unix OS Knowledge about Computer Networks, System Security, Firewalls and l Vulnerabilities. Optional Skills for the role: Firewall rule review Segmentation Testing
