Job title:

Information Security Consultant

Job type:

Full Time

Required Experience:

3-7 Years

Salary:

As per Industry

Emp type:

Permanent

Location:

Mumbai

Job Published Date:

2019-23-12

Job ID:

11

Job Description

Perform Web Application security assessment.

Perform Mobile application security assessment.

Conduct application risk assessment / application control review

Conduct application penetration exercise using automated tools, customized exploits and manual analysis.

Conduct network penetration testing, system vulnerability assessment & security configuration review

Provides analysis and validation post remediation.


Qualifications

Academic Qualification: Engineering/ IT Graduate; MCA; MS IT; MSc IT; Graduate degree in Information security.
Professional Certification: One or more of following certification is desirable- CEH; OSCP; OSCE; CSSLP; CISSP; CISA, CISM; SANS

Experience & Key Skills/ Competency

• Practical experience in manual & automated grey box application security assessment

• Practical experience in mobile application (android / iOS) security assessment

• Exposure to API security testing

• Experience in using application security assessment tools/platforms such as Burp Suite, Paros, Samurai WTF, Kali Linux, Charles, Metasploit.

• Understanding of the OWASP Top 10 application security risks.

• Knowledge of networking concepts like TCP/IP, UDP, HTTP, TLS, SSH, DNS, firewalls, etc.

• Experience of drafting web application security assessment report.

• Excellent problem solving and analytical skills; outstanding oral and written communication skills.

• Practical experience with Static and Dynamic Application Security Test (SAST/ DAST) solutions e.g. Fortify, Veracode, Checkmarx is desirable.

• Candidate with software programming background with language and tools such as Java/JavaScript; JSP; Python; PHP; ASP.Net HTML/CSS is desirable.

• Experience in conducting network penetration testing & system vulnerability assessment using VA tools (e.g. Nessus, Nexpose etc.) and VA checklist is desirable