VAPT Consultant

  Medical Coding

Job title: VAPT Consultant

Company: marlabs

Job description: Senior Security Consultant – Security Testing

Overall Year of experience: 10+ Years

Job Description:

This position is responsible for all tasks related to vulnerability management in a complex environment and demands one to stay current with emerging technologies and vulnerabilities. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving. In addition, this position is responsible for analyzing security vulnerabilities and determining if there is an attack surface and impact. The ideal candidate understands the full cycle of a software vulnerability, from exploitation to mitigation and must be experienced with cybersecurity reviews, vulnerability management, security awareness, and incident response handling. The Cybersecurity Analyst will need to be an effective problem solver and an integrator of people, processes, and technology.

Preferred qualifications:

  • The team members shall prepare the audit plans, test cases, and test scenarios to perform the security audit. Experience in web application, Mobile App and network Vulnerability Assessment & Penetration Testing.
  • Experience in Vulnerability Assessment and Penetration testing using industry standard tools such as Vulnerability Scanners for e.g. Qualys, Nessus, WebInspect, Acunetix, Metaspoilt, Burp Suite Pro, Netsparker etc.
  • Experience in using security frameworks such as Metasploit, Kali Linux etc.
  • Experience and knowledge of Web Application Security standards such as OWASP/SANS etc.
  • The Security Test Engineer should have the ability to stay organized, and possess excellent communication skills.
  • The security test engineer will be part of the audit team that shall conduct security audits for the clients in order to identify the gaps in terms of web security,

Skill in the following:

  • Conducting vulnerability scans and recognizing vulnerabilities in security systems assessing the robustness of security systems and designs
  • Network analysis tools to identify vulnerabilities
  • Maintain awareness of vulnerability information, complexity to exploit, and exploit availability or feasibility to create an exploit.
  • Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a level acceptable.
  • Creation of vulnerability metric and remediation-related dashboards and reports.
  • Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration.
  • Liaise with stakeholders to understand, prioritize, and coordinate vulnerability remediation activities.
  • Maintain awareness of publicly disclosed vulnerabilities (CVEs) and potential vulnerabilities (rumors, blogs, partial public analysis).
  • Ability to fully understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs.
  • Engage cross-divisional teams and oversee the implementation of security recommendations by leveraging appropriate communication methods, tracking remediation of identified risks, mitigation strategies, plan activities and dependencies.

Working knowledge of the following: * Cybersecurity principles

  • Security source code review vulnerabilities
  • Cyber threats and vulnerabilities
  • System and application security threats and vulnerabilities
  • General attack stages (e.g., foot printing and scanning, enumeration, gaining access)
  • Escalation or privileges, maintaining access, network exploitation, covering tracks)
  • Risk management processes (e.g., methods for assessing and mitigating risk)
  • Ethical hacking principles and techniques; penetration testing principles, tools, and techniques
  • Use of penetration testing tools and techniques and social engineering techniques
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Must be adaptable to changes in the work environment, comfortable with multiple competing demands and able to deal with frequent change, delays or unexpected events in a calm and logical manner.

Minimum qualifications: * Bachelor’s degree or equivalent practical experience.

  • 5 years of relevant work experience within areas of application security testing
  • Previous experience with systems administration and/or programming.
  • Preferred certifications:
  • Certified Ethical Hacker (CEH)
  • Certified Penetration Tester (CPT)
  • Certified Expert Penetration Tester (CEPT)

Expected salary:

Location: Bangalore, Karnataka

Job date: Wed, 02 Nov 2022 03:59:00 GMT

Apply for the job now!