Sr. Cybersecurity Specialist

Key Responsibilities

• Performing (Web, mobile, Cloud-based AWS, Azure, etc.), thick-clients business solutions and infrastructure pentest as assigned by the customer
• Work on full assessment & revalidation cases within customer defined timelines.
• Handling report creation based on pentest outcome as per customer template
• Develop new test cases, scenario & able to perform API pentesting
• Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems |
• Provide results report and help team to evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation |
• Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities
• Perform source code review & configurations reviews against CIS benchmarks and security standards
• Participating in end user calls with customer for requirement gathering, explanation of findings, technical discussions

About you

Education, qualifications, and certifications

• Degree / Diploma Holders with good knowledge in pentest domain.
• Excellent verbal & written communication skills in English language

Mandatory skill set

• Proficiency in Pentest tool such as usingBurp suite and Kali Linux
• Proficiency inPython and Java, JavaScript, and Other coding languages
• Good experience in performingsecurity penetration testing and vulnerability assessment for
• Experience in testing diverse infra components including various enterprise platforms such as private clouds, Openshift infra, dockers/container infra etc.
• Experience inSource code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews
• Knowledge on Web-based applications and services (SOAP/REST)
• Well versed in writing reports, test cases etc.
• / OSWP / OSCEcertification (preferred),SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester

Secondary skill set

• Knowledge on Azure & scripting language
• Nice to have knowledge on other hacker tools;Appscan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper