Cyber Security Pentester

Role: Penetration Tester (Individual Contributor)

Location: Mumbai

Your experience

At least 4-8 years of experience in Information Security/ Cybersecurity, primarily in performing Vulnerability Assessment and Penetration Testing for Web/ Mobile/ Client Applications, IT Infrastructure and Network Devices, Red Team Assessment, OSINT, Purple Teaming, etc.

Primary Responsibilities:

• ·Internal Vulnerability Assessment and Penetration Testing – All kind of applications – Client/ Web/ Mobile, IT Infrastructure and Network Devices
• Internal Red Team Assessment
• IT/OT Cybersecurity Assessment and Penetration Testing
• Supporting the implementation of DevSecOps
• Wireless and Network penetration testing
• Vendor Security & Risk Assessment
• Cyber/ Security Incident Response, Investigation, Root Cause Analysis, Corrective and Preventive Action Plans

Secondary Responsibilities:

• Supporting various Cybersecurity Projects/ Initiatives/ POCs, as needed
• Providing information security support for projects and enquiries from other functions and business across the APAC Region
• Assessing and managing risks, vulnerabilities, threats and compliance within the Region
• Develop, use and continuously improve a formal set of processes by which the organization can identify various security concerns, gaps and remedial actions to ensure the appropriate IT/Cyber Security resilience
• Co-ordinate with Internal Teams within IT/ GDH/ Business and ensure critical audit findings and gaps are addressed in timely manner

Education / Qualification

• Bachelor's degree in Computer Science, Information Technology or Engineering degree in any discipline with experience/ skills in Information Security/ Cybersecurity.
• Must have at least one practical/lab/challenge penetration testing certification (OSCP, OSWE, OSCE, OSEE, SANS, eCPPTv2, eCPTX, eWPTXv2, etc.);
• CEH/ CFIH/ CISSP/ CISM/ CRISC certifications are optional/ added advantage

Required skills:

• Penetration Testing using various open source and professional tools and methodologies.
• Good command over Kali Linux and Tools
• NIST Cybersecurity and MITRE Framework
• Open Source Intelligence (OSINT)
• Red Teaming/ Purple Team operations
• Knowledge and Experience in VA/PT Tools like Nessus, Qualys, MetaSploit, WebInspect, BurpSuite, etc.
• Top 10 OWASP Vulnerabilities and Attack Vectors
• Phishing and Social Engineering Attack vectors
• Privilege Escalation Techniques
• Application Security/ SSDLC/ DevSecOps
• Networking and IT Security Fundamentals
• Vendor Security and Risk Assessment

Leadership & Soft skills:

• Lead by example on values and culture.
• Open-minded, collaborative and an effective team player.
• Ability to work in a multicultural and diverse team.
• Driven for success and aspiring to a culture of service excellence, always putting the customer, our people and our business at the center of everything he/she does.
• Ability to deal with ambiguity.
• Ability to communicate openly and effectively with many diverse stakeholders, with external vendors and auditors, and with staff.
• Ability to work proactively and under pressure considering the criticality required to ensure the right quality of service for the business.
• Document/ report preparation for Penetration Testing

Key Personal Attributes

• Security and Continuous Improvement Mind-set
• Business focused, Customer & Service minded
• Strong Consultative and Management skills
• Confident in advising, developing and articulating solution
• Result oriented and with a work ethic of delivering on-time and in scope
• Open to Change and Attitude to challenge the Status Quo, as needed

Interested candidates kindly Apply or share your resume at

Job Types: Full-time, Permanent

Pay: ₹246, ₹1,497,845.54 per year

Benefits:

• Flexible schedule
• Health insurance
• Provident Fund

Work Location: In person