Tech Lead

Purpose:

• To Deliver Experiences That Create Value Transforms Lives

  About Sterlite Digital (STL)

  STL DIGITAL is a global IT Services and Consulting company that enables enterprises to experience the future of digital transformation. We provide end to end services across product engineering, software, cloud, data and analytics, enterprise application services, and cyber-security.

  Why STL Digital

  At STL Digital, we engineer experiences that create value. We blend the agility of a startup with the stability of an established enterprise. Were passionate about innovation. Our culture is built on four core values of -Respect for Individuals, Hunger to Learn, Promises Delivered Keep it Simple. We value both experienced leadership and fresh perspectives, creating a dynamic environment where everyone can contribute and thrive. Were looking for talented individuals to join us on this exciting journey. Lets build the future of tech together.

Vulnerability Assessment Penetration Testing

• This is an exciting role that will give you the opportunity to work with Product teams around the globe to perform penetration tests on the client s many products. You will be working alongsidethe best security teams in the industry. This will include scoping and planning penetration testswith the development teams and then leading execution of those pen tests. You ll reportfindings, produce reports and work with the development and security teams to resolve theissues you and your team members find. You ll stay up to date with the industry s latesttechniques and tools. This role will be testing a variety of products and will be well versed incloud, client, IoT and hardware penetration testing.You will be researching new penetration tools and techniques, including how AI can helpimprove efficiencies as well as developing and implementing the best new techniques to test AIproducts. You ll work with development teams to coordinate penetration tests and ensure thatproducts are tested within an appropriate time frame. You will be communicating the priority and
• risk to development teams. You will have excellent organizational and communication skills
• ensuring that development teams are well informed of the penetration testing results.

In Summary you will:

• Perform penetration tests on Cloud, Client applications (web, mobile thick clients) andAI products.Work with development and security teams to find and explain security issues, suggestmitigations, and ensure they are mitigated.Stay up to date on the latest testing tools and techniques ensure both yourself and theteams are using the most effective methods.Position RequirementsBasic

Qualifications:

• Bachelor s degree in a relevant field or equivalent relevant experience3 - 6 years of cybersecurity experience2+ years of experience of penetration testingStrong written and verbal communications and interpersonal skills.Ability to work independently as well as function as an integral part of a team, takeinitiative and ownership in a fast-paced environment Ability to successfully work acrossregions and functions to solve problems and get things done

  Preferred Qualifications:

  Knowledge of Artificial Intelligence security testing tools and techniques.Experience with penetration testing and diagnostic tools such as Burp Suite, Kali Linux,fuzzing tools, code analyst tools, DAST tools, Metasploit, etc.
• Knowledge of Agile processes
• Experience working in a development environment.
• Offensive Security certifications such as Offensive Security Certified Professional
• (OSCP), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security
• Web Expert (OSWE), Offensive Security Exploit Developer (OSED), and Offensive
• Security Exploitation Expert (OSEE)
• SANS certifications such as GIAC Cloud Penetration Tester (GCPN), GIAC CertifiedForensic Examiner (GCFE), GIAC Certified Incident Handler (GCIH), GIAC PenetrationTester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC ReverseEngineering Malware (GREM), and GIAC Exploit Researcher and Advanced PenetrationTester (GXPN)EC-Council certifications such as Certified Ethical Hacker (ANSI or Practical)Industry security certifications such as CISSP, Security+, etc.
• VAPT