Preferred Qualifications
- The team members shall prepare the assessment plans, test cases, and test scenarios to perform the penetration testing.
- Experience in web application, infrastructure and network Vulnerability Assessment & Penetration Testing.
- Experience in Vulnerability Assessment and Penetration Testing using industry-standard tools such as vulnerability scanners, e.g. Qualys, Nessus, Nexpose, Acunetix, Metasploit, Burp Suite Pro, Netsparker, etc.
- Experience in using security frameworks such as Metasploit, Kali Linux, OSSTMM, etc.
- Experience and knowledge of Penetration testing of servers, and any assets (OS, infra & network).
- Experience and knowledge of Web Application Security standards such as OWASP/SANS etc.
- The Security Test Engineer should have the ability to stay organized and possess excellent communication skills.
- Experienced in preparing and presenting detailed penetration testing reports. The security test engineer will be part of the audit team that shall conduct security audits for the clients to identify the gaps in terms of web security.
Responsibilities
- Support presales engagements by providing technical expertise in vulnerability management solutions, including solution design, client presentations, and proposal development.
- Work closely with sales teams to articulate security value propositions, conduct client assessments, and recommend tailored solutions aligned with customer environments.
- Contribute to RFP/RFI responses, solution documentation, and effort estimation for vulnerability management services.
- Hands-on experience in conducting vulnerability assessments, including scanning, identification, and analysis of security weaknesses across systems and networks.
- Evaluate the effectiveness and robustness of security architectures and designs, ensuring alignment with industry best practices.
- Proficient in leveraging network and security analysis tools to identify, assess, and validate vulnerabilities.
- Maintain up-to-date awareness of vulnerabilities, including exploit complexity, exploit availability, and real-world feasibility.
- Recommend and implement risk-based remediation strategies to reduce vulnerabilities and minimize impact on business-critical assets.
- Develop and present vulnerability metrics, dashboards, and executive reports to provide actionable insights and track remediation progress.
- Strong understanding of enterprise security policies, standards, and frameworks, particularly related to vulnerability assessment and penetration testing.
- Collaborate with stakeholders to prioritize and coordinate vulnerability remediation efforts based on business risk.
- Continuously monitor publicly disclosed vulnerabilities (CVEs), threat intelligence sources, and emerging risks.
- Translate business requirements into effective security solutions, balancing risk, compliance, and operational needs.
- Engage cross-functional teams to drive remediation, track risk mitigation activities, and manage dependencies effectively.
Minimum qualifications
Bachelor's degree or equivalent practical experience.
8-12 years of relevant work experience within areas of Vulnerability Management / operations and deployment.
Previous experience with systems administration and/or programming.
Mandatory certifications: Qualys Certified Mandatory
Offensive Security Certified Professional (OSCP)
Location: Bangalore, Hyderabad, Pune, Indore