T&T | Cyber | D&R | VAPT+Red Teaming | Senior Analyst |

Deloitte Consulting

4 - 10 years

10 - 14 Lacs

pune

Posted:4 hours ago| Platform:

Apply

Skills Required

computer science coding bfsi information security analytical iso 27001 html microsoft information technology sql

Work Mode

Work from Office

Job Type

Full Time

Job Description

Threat Modelling
: Conduct threat modelling sessions to identify potential security risks to applications, networks, and infrastructure. Utilize various threat modelling frameworks (e.g., STRIDE, PASTA) to evaluate the risk associated with business processes and IT systems.

Vulnerability Assessment & Penetration Testing
: Perform regular vulnerability assessments and penetration testing on applications, systems, and networks to identify weaknesses and misconfigurations.
Security Risk Analysis
: Analyse vulnerabilities identified in VAPT engagements and prioritize them based on risk to the business. Provide recommendations for remediation and mitigation.
Incident Response
: Assist in responding to security incidents by analysing threat patterns, supporting forensic investigations, and recommending preventative measures.
Collaboration with Teams
: Work closely with developers, DevOps, and other stakeholders to design and implement secure development practices and advise on secure code development practices.
Reporting
: Document findings from threat modelling, vulnerability assessments, and penetration tests, and present them to management and other key stakeholders.
Security Awareness
: Promote awareness of cybersecurity risks within the organization and provide guidance on secure coding and risk mitigation strategies.

Required Skills and Qualifications:

Strong knowledge of
Threat Modelling
methodologies and tools (e.g., Microsoft Threat Modelling Tool, OWASP Threat Dragon).
Hands-on experience in performing
Vulnerability Assessment and Penetration Testing (VAPT)
using tools like
Nmap
,
Burp Suite
,
OWASP ZAP
,
Nessus
, and
Metasploit
.
Solid understanding of common vulnerabilities (e.g., SQL injection, Cross-Site Scripting, Buffer overflows) and security protocols (e.g., TLS/SSL, OAuth, OpenID).
Familiarity with
network security
(firewalls, IDS/IPS, VPNs, etc.) and
web application security
.
Experience in performing risk analysis, writing security reports, and presenting findings to both technical and non-technical audiences.
Knowledge of
OWASP Top 10
,
CVE
, and vulnerability databases.
Proficiency in one or more programming languages (e.g., Python, Java, C, or scripting languages) is a plus.
Understanding of security frameworks and compliance requirements (e.g., NIST, ISO 27001, GDPR, SOC 2) is desirable.
Experience with
cloud security
(AWS, Azure, GCP) and container security (Docker, Kubernetes) is a plus.
Strong problem-solving skills and the ability to work independently and in a team.
Prior experience in BFSI would be preferred.

Preferred Qualifications:

Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar penetration testing certifications.
Certified Information Systems Security Professional (CISSP) or similar information security certifications.
Previous experience in threat hunting, incident response, or application security.
Understanding of security in Agile/Scrum development processes.

More Jobs at Deloitte Consulting

Senior Consultant

Pune, Chennai, Bengaluru

5.0 - 10.0 yrs

INR 8 - 18 Lacs

Netsuite Functional Consultant

Hyderabad, Bengaluru, Delhi / NCR

3.0 - 9.0 yrs

Salary: Not disclosed

Consultant/Senior Consultant || MS Dynamics and Power Platform

Pune, Bengaluru, Mumbai (All Areas)

3.0 - 8.0 yrs

INR 9 - 19 Lacs

Senior Consultant

Bengaluru

6.0 - 9.0 yrs

INR 16 - 22 Lacs

Oracle CPQ- Consultant

Hyderabad, Bengaluru, Delhi / NCR

3.0 - 8.0 yrs

INR 18 - 27 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.