Role Overview

We are searching for a Security Analyst / Sr. Security Analyst with relevant experience on vulnerability assessment and penetration testing for networks, web applications, mobile applications, wireless security assessment and source code review.

Responsibilities

Primary responsibility is to conduct Black/Grey/White box Vulnerability Assessments & Penetration Testing for web application, network infrastructures (Internal/External)

Stay updated with emerging threats and provides remediation steps for mitigating such attacks. Supporting clients in giving step-by-step guide for replicating potential attack scenarios and security patches if required

Conduct fully manual web application testing with in-depth knowledge of OWASP top 10 vulnerabilities, SANS Top 25; etc. Manage and maintain/update/upgrade centralized vulnerability scanners for scanning external/public facing client infrastructure

Qualifications

Education: MS in IT/ BE/ B. Tech

Experience level: 3 to 8 years of experience in IT security Industry

Certifications desired: GCIH, CEH, GPEN, CCNA security, OSCP

Essential Skills

Excellent knowledge of TCP/IP commonly used protocols Excellent understanding of web applications and databases Hands-on with Windows/Linux server administration Hands on Experience on Tools Like: Nmap, Metasploit, Burp Suite, Acunetix, Nessus, Netsparker, QualysGuard, Wireshark, Nikto, IBM AppScan, W3af, Paros/ZAP proxy, sqlmap/sqlninja, blindelephant, sslyze, ollydbg etc.

Additional Desired Skills:

Excellent verbal and written communication

Prior consulting experience would be a plus

Comfortable to contribute as a lead or as an individual