Penetration Tester

Job Summary:

• This is an opportunity for a highly motivated individual to join a high energy team of security administrators responsible for managing global security infrastructure.
• This position is to be part of a global team, reporting to the Sr. Security Delivery Manager in Gurgaon.

Responsibilities:

As a member of the Security Operations Team

• Should have experience in Vulnerability Assessment and Penetration testing across Infra and Applications
• Hand-on experience with VA/ PT tools like Tenable etc.
• Perform asset and network discovery activities; infrastructure vulnerability testing, helping to ensure full coverage of the Epsilon environment
• Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
• Vulnerability Analysis Creation. Produce vulnerability reports providing a highly timely; accurate; and actionable assessment of new vulnerabilities as they are discovered.
• Recommend security patches and any other measures; produce operations reports
• Support vulnerability scanning activities, interprets the results, and validates potential exposures; Collate security incident and event data to produce monthly exception and management reports
• Keep the Vulnerability Management Program in compliance with security policy and with published SLAs
• Leverage CMDB inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress
• Monitor security vulnerability information from vendors, and third parties
• Assist in maintaining technical support documentation.
• Collaborate with Information Technology and Business Departments to implement or coordinate remediation required by audits, and document exceptions as necessary Skills/ Experience expected
• Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
• Experience in deploying, operating, and maintaining vulnerability scanning infrastructure and services
• Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP)
• Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises

Technical Skills:

• 3 to 5 years of experience Security Operations experience
• Ability to read, write and modify scripts for automation of vulnerability management tasks using Python, PowerShell, Ruby on Rails, and/ or Bash
• Good knowledge of packet filtering, stateful packet inspection and the differences between them
• Good knowledge of fundamental networking/distributed computing environment concepts; routing, switching, VLANs, VPNS, NIS, NFS.
• Intermediate to advanced understanding of packet capture and analysis using snoop, tcpdump and Ethereal or similar tools.
• Experience with host security (e.g., passwords, uids/gids, SIDs, file permissions, ACLs, filesystem integrity, use of security packages, IPTables).
• Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms.
• Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS etc.)
• Experience in implementing, managing, and troubleshooting ITSM Solutions for Large Organization
• Sound knowledge of ITSM Practices and Efficient in creating workflow as per requirement.
• Having Certificate from any reputed ITSM OEM ensuring that resource is competent enough to work as L1. Certificate should be valid and should not older than 6 Months.
• Knowledge of Vulnerability Management and Patch Management.
• Sound Understanding of product function, features pertain to proposed Vulnerability Management and Patch Management Solution.
• Certified Specialist with any reputed Vulnerability ManagementSolution.Certificate should be valid and should not older than 6 Months