Urgent Opening for Lead Information Security Consultant !!

Company — SecurEyes

Location — Bangalore

Salary — INR 25.00 to INR 32.00 Lac PA

Mandatory Skills

  OWASP, SANS Top 25, WASC, .NET, PHP, Java, XML, SAML, SOA, SOAP, Web Services, HTTP(S), DNS, FTP, SSH, CISSP, CISA

Additional Skills
 Android, iOS, DREAD, CVSS, VAPT, VA/PT

Job Description

Roles & Responsibilities –

  •     Leading the team and coaching/mentoring team members on technical/functional/operational/administrative aspects and expertise.
  •     Supporting fast-paced delivery in challenging projects.
  •     Provide strategic direction to the team to excel in fast-paced project delivery in challenging projects.
  •     Enable innovation and digitization.
  •     Drive customer relationship management, project management and team management
  •     Strong knowledge of the OWASP, SANS Top 25 and WASC security standards, and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, session management issues, direct object reference, clickjacking, buffer overflows, etc.
  •     Experience in manual application penetration testing of thick client applications, mobile applications, web services, APIs, etc.
  •     Thorough understanding of common web technologies like .NET, PHP, Java, XML, SAML, SOA, SOAP, web services, etc. and protocols including HTTP(S), DNS, FTP, SSH, etc.
  •     Experience performing manual mobile application penetration testing on platforms like Android, iOS, etc.
  •     Should have knowledge of risk rating standards like DREAD, CVSS, etc.
  •     Good understanding of web application architecture and the secure development life cycle (SDLC).
  •     Experience in threat modelling and risk analysis.
  •     Experience in automated web application vulnerability scanners (e.g., AppScan, WebInspect, Acunetix, Burp Suite Pro, etc.) is desirable.
  •     Should be ready to travel within and outside the country.
  •     Preparing audit reports and findings tracker sheets for each application in the provided template.
  •     Communicate with customer teams to explain and demonstrate vulnerabilities to application/system owners, and assist with the mitigation of the identified vulnerabilities.
  •     Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as the organization.
  •     Hands-on application security and VAPT experience.

Additional Information
 Skills required/Expertise:

  •      12-20 years of proven experience in application security domain
  •     OSCP and/or CISSP, CISA certification.
  •     Proficient in written and oral English communication skills.
  •     Expertise in web application security testing.
  •     Expertise in mobile application security testing.
  •     Strong organizational, team-work, multi-tasking and time-management skills.
  •     Lead at least a team of two to three consultants.
  •     Manage a team during project execution as needed for the smooth execution of the project.
  •     Experience in the banking domain will be an added advantage.
  •     Experience in VA/PT of networks, servers and devices will be an added advantage.
  •     Experience in static and dynamic secure code review will be an added advantage.

Required Qualification

Engineering/ IT Graduate/ MCA

Job Insights

  • Candidate should be willing to travel within and outside India.
  • Any one is mandatory: CEH/ISO27001/CISSP/CISA/OSCP.
  • Candidates with a notice period of maximum 60 days are preferred.
  • Recruitment stages: 1) Technical round (telecon/Skype) 2) Technical round (telecon/Skype) 3) Face-to-face/Skype with the hiring manager (Bangalore office)
  • Office days: Monday to Friday (alternate Saturdays are working).
  • Candidate should have a minimum of 10 years of experience in InfoSec, of which at least 5-6 years in AppSec. Team handling experience and client management have to be good; should be from a consulting background.

About SecurEyes
SecurEyes is a pure-play information security consulting firm which started in 2006, with global offices and presence in India, UAE, Oman, KSA and USA. It specializes in Risk Assessment, GRC Consulting, Information Security Training and on-demand information security consulting. Our clients include large Government Organizations, Banks & Financial Services Institutions, International Airlines, Large Trading Houses and Public sector companies across the globe. We are technically focused with passion, integrity and with a strong belief in providing world-class services to our clients to create a difference in their information security environment.

Interested candidates can send their resume to career@iitso.co.in or call +91-7992235340 for more details.

Team

Next Vision Technologies

www.iitso.co.in
