Sr. VAPT Consultant

Qualifications: BE/B. Tech with specialization in cyber security, MCA, M. Tech / Master's in

Information security, or Forensics Analysis Knowledge

• Conduct Network/ System Vulnerability Assessments, Penetration Testing using tools to
  
  evaluate attack vectors, identify system vulnerabilities, and provide appropriate remediation
  
  plans for mitigation of the identified vulnerabilities.
• Conduct Application vulnerability assessments, Penetration Testing for web applications,
  
  identify and report vulnerabilities, provide recommendations, and track closure of identified
  
  vulnerabilities.
• Perform Configuration compliance assessments for Endpoints / Assets /network devices and
  
  help maintain the security settings at compliant level with Specific Security Standards.
• Perform regular monitoring of patch compliance of the assets in the network, Analyze Patch Advisories and provide remediation steps for the stakeholders.
• Performing comprehensive review and threat adversary modeling for web applications.
• Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application Security Assessments, Log Review, Review of Documents, Network Monitoring and Reporting
• Conduct and compile findings on new vulnerabilities, new tools for departmental use.
• Create project deliverables / reports and assist the client with remediations and discussions.
• Abide by the project timelines and maintain project discipline

• Conduct Network/ System Vulnerability Assessments, Penetration Testing using tools to
  
  evaluate attack vectors, identify system vulnerabilities, and provide appropriate remediation
  
  plans for mitigation of the identified vulnerabilities.
• Conduct Application vulnerability assessments, Penetration Testing for web applications,
  
  identify and report vulnerabilities, provide recommendations, and track closure of identified
  
  vulnerabilities.
• Perform Configuration compliance assessments for Endpoints / Assets /network devices and
  
  help maintain the security settings at compliant level with Specific Security Standards.
• Perform regular monitoring of patch compliance of the assets in the network, Analyze Patch
  
  Advisories and provide remediation steps for the stakeholders.
• Performing comprehensive review and threat adversary modeling for web applications.
• Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application
  
  Security Assessments, Log Review, Review of Documents, Network Monitoring and Reporting
• Conduct and compile findings on new vulnerabilities, new tools for departmental use.
• Create project deliverables / reports and assist the client with remediations and discussions.
• Abide by the project timelines and maintain project discipline

• Hands-on Experience is performing Network Security Assessment and vulnerability Assessment.
• Good understanding of OSI layers and fundamental Operating system concepts, security settings for various flavors of Windows and Linux platforms.
• Manual Penetration Testing skills and techniques are required besides automated tools and frameworks.
• Familiar working with Publicly available exploits codes.
• Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Armitage, Maltego, Burp Suite,
  
  Paros Proxy Nessus, nexpose, Wireshark, sqlmap etc.
• Sound knowledge about infrastructure vulnerability scans, identifying security vulnerabilities,
  
  weaknesses, threats, and assessing related risks that exists within an IT Infrastructure or business processes.
• Sound knowledge about Application vulnerability assessments and relevant knowledge of
  
  OWASP top 10 vulnerabilities and SANS.
• Good understanding of firewalls, Switches, and Router's configuration settings and policies, relevant experience in performing rule base reviews and configuration reviews for network devices.