Location Name: Pune Corporate Office - Mantri
Job Purpose
- Discover and Mitigate Cyber Risks and exploitable vulnerabilities on the internet facing apps/assets.
- Conduct Regular Vulnerability Assessment and Penetration Testing of the applications
- Experience with latest technologies and security standards such as OWASP, CVSS, Mitre etc.
- Mobile App Reversing and pen testing as Android and iOS applications security standards
- Familiarity with malicious code identification and common hacker attack techniques
- Conduct regular Secure Code and Architecture Review, SAST and DAST
- Latest technology security API, Microservices, RPA, IOT etc.
- Ethical Hacking and Red Teaming Activity
- Assess Third Party Partner vulnerabilities and security risk
- Remediations, Closures Tracking, Reporting and Management of all Cyber Risks
- Engage with technology Teams and partners and business units to resolve identified vulnerabilities within acceptable timelines
- Design and deliver actionable Information Security dashboards and scorecards
- Work with partners in carrying out comprehensive VAPT assessment
- Advanced understanding with working experience collecting and tracking threat intelligence
- Experience working with tracking, communicating, and prioritizing vulnerabilities and cyber threats to an enterprise-wide organization
Duties And Responsibilities
A-Minimum required Accountabilities for this role
- Engineering / Computer Graduate with 3-5 years of Information / Cyber Security Experience
B-Additional Accountabilities Pertaining To The Role
- Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, EMAPT etc. preferred (Good to Have)
Key Decisions / Dimensions
- Activity calendar planning
- Security Audits preparedness
- Preparation of testcases for infosec sign-offs
Major Challenges
- Timely vulnerability closure
- Change management infosec sign off with in defined TAT
Required Qualifications And Experience
- Qualifications
- Post-Graduates with relevant security experience of 4-6 years (also graduates with experience of 6-8 years may apply)
- Work Experience
- Engineering / Computer Graduate with 4-6 years of Information / Cyber Security Experience
- Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, EMAPT etc. preferred (Good to Have)
- Prior experience of Security Testing, OWASP Top 10 and application security
- Prior experience of Payment Testing, Mobile Applications and API Security testing
- Sound in latest application technologies and network attacks execution
- Good Written and Verbal Communication with Presentation Skills
- Good Team Player and sound in stakeholder management
- Threat Modelling, Cloud Security and WAF basics clarity
- DevOps / DevSecOps and Source Code security review experience is added boon
- Well versed with related tools and techniques of all the above
