Penetration Test Analyst

Penetration Test Analyst

Req ID#: 383784

Hyderabad, IN, 500081 Mumbai, AP, IN, 400072

Job Description:

Primary Responsibilities of the Security Specialist I, Global Security Operations Center Role

To perform network, system and application vulnerability assessments and penetration testing. To do pen-source and commercial testing tools including Kali Linux, Nessus, Metasploit, Nmap, Burp Suite Proxy, Wireshark, Kismet, etc. Additionally, must maintain awareness and knowledge of newly released open-source tools and exploits. To use various scripting languages such as Python, Perl, PowerShell, Bash, etc. To analyze identified vulnerabilities to write clear and concise assessment, penetration testing and compliance reports. To configure, administrate, and troubleshoot Operating Systems including Unix/Linux, Windows, iOS, Android, and the various network devices. To applies advanced knowledge of concepts, practices, and procedures of IT Security, with awareness of related fields. Applies analytical and interpretive thinking to complex problems; determines methods /procedures based on professional judgment to achieve desired outcomes.

Knowledge, Abilities & Skills

Skills/Competencies

Knowledge of TCP/IP protocols and networking architectures. Knowledge of databases, applications, and web server design and implementation. Knowledge of security and IT standards, such as PCI DSS v3.0 & NIST SP800. Knowledge of the National Vulnerability Database (NVDB) & the Common Vulnerabilities and Exposures List (CVE). CVE is a dictionary of publicly known information security vulnerabilities and exposures. Excellent time management, written documentation, and oral presentation skills.

Experience, Qualifications, Certifications & Travel

Minimum Requirements

Education:

Bachelor’s degree in Information Technology, Computer Science, or related field. Experience may be evaluated in lieu of educational requirements on a case-by-case basis.

Experience: (3+ years' experience)

Experience with mobile devices and mobile application security, including secure configuration and tools, techniques, and procedures for security testing. Experience assessing and testing network devices, including firewalls, routers, VPNs, and switches. Experience with programming and scripting in C++, Perl, Python, bash, Java and/or Assembly Language (x86). Experience with wireless network security, including secure configuration and tools, techniques and procedures for security testing. Experience with application security, including source code review. Experience with audit techniques to identify insecure configurations of Windows/Unix/Linux, web servers (Apache, IIS, etc.), databases (MySQL, MSSQL, Oracle, etc.) and web application scripts (PERL, Python, ASP, etc.). Experience with one or more social engineering test modes (physical, phishing or pre-texting). Will consider relevant security certifications such as CEH, GIAC, CISSP, GPEN, CEPT, LPT, CPT, OSCP, etc.

Travel: None

Job Segment: Linux, Unix, Open Source, Network Security, Testing, Technology, Security

---