Urgent Opening for Sr. Information Security Consultant !!

Posted onAuthoradminLeave a comment

Company — SecurEyes

Location — Bangalore

Salary — INR 15.00 to INR 18.00 Lac PA

Mandatory Skills

 Va-pt, Ceh, Lpt, Iso27001, Ccna, Itil, Wasc, Black-box,  Grey Box External Network Va/pt

Additional Skills
 Oscp, Cisa, Cism, Cissp, Osce,  Sdlc

Job Description


​Mandatory :

  •     7-10 Years of proven experience in application security and network VA-PT domain
  •     Graduate in CS, IT, EC or Info Sec or Cyber Sec or MCA  Mandatory certification – any one of CEH, LPT, ISO27001, CCNA, ITIL and
  •     Mandatory certification – any one of OSCP, CISA, CISM, CISSP, OSCE

Roles & Responsibilities –

  •     Strong knowledge of the OWASP Top 10, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Insecure Direct Object reference, Click jacking, buffer overflows, etc.
  •     Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, API’s etc.
  •     Should have performed manual mobile application penetration testing on platforms like Android, IOS, etc – both client and server side applications.
  •     Should have knowledge on Risk Rating Standards like DREAD, CVSS etc. • Should have good understanding of web application architecture and Secure development life cycle (SDLC).
  •     Experience in automated web application vulnerability scanners (e.g., AppScan, Web inspect, Accunetix, Burp suite Pro, etc) is desirable.
  •     Should have Prepared audit reports and findings tracker sheets for applications.
  •     Should be used to researching the latest security best practices, reading up on new threats and vulnerabilities and disseminate this information within the team as well as the organization.
  •     Perform Black-Box / Grey Box External Network VA/PT assessments following structured phases
  •     Perform Secure Configuration Review of infrastructure platforms including OS (Windows, Linux, AIX, Solaris etc) and DBs (Oracle, MSSQL, Sybase, MySQL), Webservers (Apache, IIS), Network devices (Switches, Routers), Security devices (Firewalls, IPS, IDS, WAF) and validate the configurations against CIS benchmarks for respective platforms using tool based and manual.
  •     Create comprehensive assessment report with details of vulnerabilities identified, categorization of the risks by assessment of potential impact and detailed remediation/recommendation for all the identified risks.
  •     Review Policies and SOPs associated with secure network/infrastructure implementations.
  •     Leading the team and coaching/ mentoring team members on technical/functional/ operational/ aspects and expertise relevant to Application and Network security assessments.
  •     Should be ready to travel within and outside the country

Additional Information
Skills required/Expertise:

  •     7-10 Years of proven experience in application security and network VA-PT domain
  •     Graduate in CS, IT, EC or Info Sec or Cyber Sec or MCA
  •     Proficient in written and oral English communication skills.
  •     Strong organizational, team-work, multi-tasking and time-management skills.
  •     Lead at least a team or two to three consultants.
  •     Manage a team during project execution as needed for the smooth execution of the project.
  •     Experience in banking domain will be added advantage.

Required Qualification

Engineering/ IT Graduate/ MCA

Job Insights

  •     Any 1 mandatory- CEH/ ISO27001/CISSP/CISA/OSCP
  •     Min 7 years in info sec, Exp in App sec min 4-5 Years
  •     Candidate should be willing travel within and outside India.
  •     Prefer Candidates with Notice period of maximum 60 days.
  •     Recruitment Stages – 1) Technical Round ( Telecon/ skype)   2) Technical Round (Telecon/ skype)  3) F2f / skype with the hiring Manager (Bangalore office)
  •     Office Days – Monday to Friday (alternate saturdays are working)

About SecurEyes
SecurEyes is a pure-play information security consulting firm which started in 2006 with global offices & presence at India, UAE, Oman, KSA & USA. It specializes on Risk Assessment, GRC Consulting, Information Security Training and on-demand information security consulting. Our clients include large Government Organizations, Banks & Financial Services Institutions, International Airlines, Large Trading Houses and Public sector companies across the globe. We are technically focused with passion, integrity and with a strong belief in providing world-class services to our clients to create a difference in their information security environment.

Interested Candidates can send their resume at career@iitso.co.in or ca call at +91- 7992235340 for more detail.

Team

Next Vision Technologies

www.iitso.co.in

Leave a Reply

Your email address will not be published. Required fields are marked *