VAPT and EDR Engineer

Level L3

Responsibilities

• Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility.
• Identifying and maintaining Key metrics and SLA on Infrastructure Security.
• Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems.
• Thorough experience in configurations reviews against CIS benchmarks and security standards.
• Ensure all Hardening and Patching activities are conducted and tracked as per defined policies.
• Create/Update hardening documents and build audit file for automated testing.
• Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.
• Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people.
• Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations.
• Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings.
• Ensure deployment, configuration, management, and integration of EDR solutions in enterprise or hybrid environments.
• Implement and manage EDR security solution for attack surface risk management (ASM) and XDR, enhancing threat detection and response capabilities.
• Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments.
• Safeguarding information, infrastructures, applications, and business processes against cyber threats.
• Proactively create, share, and read reports as part of the penetration testing activities.
• Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation

Education Qualification Requirements:

Qualification: BE / BTech (Similar Education Background)

Work experience: 8 +Years

• Minimum 8 years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems.
• Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion
• Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required.
• Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
• Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans.
• Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc.
• The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng
• Expertise in deployment and configuration of EDR security solutions.
• Created and enforced custom security rules/policies and assigned them to servers, reducing exposure to threats.
• Collaborated with SOC/IT teams to investigate incidents and fine-tune security policies, minimizing false positives.
• Coordinate with SOC teams for incident detection and investigation along with threat hunting and root cause analysis (RCA).
• Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications)
• Preferred: Script writing skills (Python/Ruby/bash/PowerShell).
• Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS.
• Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms.

Expertise in performing grey box/Black box testing.

Experience devising methods to automate testing activities and streamline testing processes.

• Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises.

Competencies /Expertise Required (Functional & Behavioral)

• Systematic strong analytical thinking and problem-solving skills.
• Excellent in analytical thinking for translating data into informative visuals and reports.
• Adaptable to change.
• Quick Learner Open learn and work on new technologies and products