Information Security Analyst (Penetration Tester)
Requirements and Responsibilities:
- Experience on Application Security Testing (Penetration Testing, Vulnerability Assessment, White Box Testing).
- Exposure to code review process from a security perspective will be a plus.
- Deep understanding of common vulnerability lists and industry best practices such as the Open Web Application Security Project (OWASP), CWE, SANS etc. and ability to independently perform full manual Web testing using the recommendations from these.
- Solid foundation of common system and software security vulnerabilities and their mitigation techniques.
- Knowledge of threat modeling and other risk identification techniques.Ability to work independently and in a team, taking ownership of performing end to end security threat assessment and providing recommendations for rectification, for Web and mobile applications.
- Ensure that technical security controls are implemented and maintained in a consistent, cohesive and appropriate manner in order to reduce risks to key business activities for applications in production environments.
- Champion the resolution of security and availability issues with the production environment.
- Perform root cause analysis on security and availability incidents producing harm charts per incident and other summary reports.Inclination to evaluate new and emerging security technologies.
- Ability to coach the development team on best practices for avoiding security vulnerabilities will be a plus.
Experience: 5+ years
Qualification: Bachelor’s degree or higher – in Computer Science or similar. Formal (ISC)² certifications like CISSP, SSCP etc. or CISM/CISA/CEH/ECSA would be a plus.
Job Location: New Delhi
To apply for this position, send us your profile.