• Save Job
  • 7 - 14 Years
  • Posted : above 1 month

Job Description:

- Extensive experience of 8+ years in Application / Network Security Assessment

- Good at application threat modeling and Applications risk exposure

- Experience in dynamic and static application vulnerability scanners like Rapid7 AppSpider, HP WebInspect, IBM AppScan, HP Fortify, etc

- Experience of using Network security assessment tools like Rapid7 Nexpose, Metasploit, Nessus, Qualys etc

- Experience in manual security assessment of applications and infrastructure

- Establish Vulnerability Management framework & process including Vulnerability assessment, treatment, acceptance/exception

- Manage VAPT and Secure Configuration Management process

- Ensure the coverage and track new assets & applications which are going live and VA/PT, Security Configuration Assessment are conducted before going live and periodically after going live

- Knowledge of scripting languages like Ruby, Python etc

- Knowledge of web development would be preferred

- Knowledge of deploying security scanning tools in large enterprise network

- Strong Web application security experience with thorough understanding of web application, Mobile Application vulnerabilities

- Good skills on operating systems and command line operations specially Unix

- Knowledge of database, application, and Web server design and implementation

- Familiarity with Security Standards and groups (OWASP, OSSTM, WASC, FISMA)

- Experience in client handling including interaction with developers for understanding the mitigations

- Working knowledge and experience integrating Telecomm Applications with VM Technologies

- Experience of integration with multiple external technologies eg Incident Management, CMDB (Remedy, Service Desk), PAM, IDAM, SIEM, Third party applications

- Execution of enterprise wide Infrastructure Vulnerability Assessment, Penetration Testing program

- Advanced understanding of networking, system of systems architecture In-depth knowledge of architecture, engineering, and operations

- Experience of end to end vulnerability management and penetration test program

- Experience of vulnerability remediation work flow, ticketing lifecycle etc preferred

- Strong Understanding and working experience of SDLC include SIT, UAT and NFT Execution experience of Performance testing

- Bachelors degree in management information systems, computer science, or related discipline is required

- Defining integration approaches and creating interface documentation, Test cases for SIT, UAT and NFT

- Strong understating of Defense in Depth Architecture and security technology used at each layer

- Familiarity with security regulatory requirements and standards (such as NIST 800 series, ITU, ITIL, PCI and ISO 27001)

- Advanced knowledge and experience with the multiple operating systems (Windows, - nix, OSX, VMware, IOS and other infrastructure device OS)

- Technology Landscape, Education and Certification

- Configuration Analyzer - - Algosec firewall Analyzer, Tuffin Configuration manager, IBM QRM

- Vulnerability Management - Qualys guard, Nessus

- Certified Computer Forensics and Forensics Investigator ( CHFI )

- Certified Ethical Hacker (CEH)

- EC Council Certified Security Analyst (ECSA)

Profile Summary:

Employment Type : Full Time
Functional Area : Other
Salary : 500000-1000000 P/A
Deadline : 14th Nov 2019

Key Skills:

Company Profile:

Not Mentioned

Would you like to try out these free online tutorials?

People who search this job also searched for the following Keywords

Salary trends based on over 1 crore profiles

View Salaries

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status