This job ad has been posted over 30 days ago...



Opening at EY Trivandrum for Senior Security Consultant - Fortify Full-time

at EY in Trivandrum (Published at 15-01-2016)

As an Information Security Consultant you will be primarily responsible for conducting source code reviews and Web application security reviews, Additional responsibilities include External and Internal vulnerability assessment and penetration testing, Configuration reviews, support ISO 27001 and IT General audits, and support the team lead to meet overall security assurance goals and client requirements.

Client responsibilities

• In depth knowledge in source code review tools such as HP Fortify, IBM Source scan, Checkmarx etc
• Should have experience in source code review of various languages such as Java, Python, C, C++ etc
• Perform manual source code review
• Should have experience in integration of security tools with build environments to ensure iterative scanning during the Secure-SDLC
• Communication and presentation skillsExecute Network vulnerability assessments, attack and penetration testing and web application security reviews, network device configuration reviews, OS/DB security reviews.
• Prepare detailed review reports.
• Support the team in updating their skill and knowledge.
• Develop and test exploits which will be used for Attack and Penetration testing
• Develop advanced custom security scanning tools / customize the existing tools
• Use of various security tools and methodologies
• Interface with both external internal clients
• Manage task allocation, ensuring quality of the deliverables in line with industry standards and best practices.

People Responsibilities

• Should be a good team player.
• Should interface with internal and external clients
• Should come up with innovative and smart ways of doing work, without compromising on quality
• Should prioritize and manage multiple tasks.
• Understand and follow workplace policies and procedures
• Should be capable of leading and guiding junior resources.

Skills Required

• MCA/Bachelors in Engineering in Computer Science and Engineering or equivalent /BCA
• Strong knowledge of TCP/IP, Basic Concepts of OSI layer and protocols, Basic knowledge of networking and security concepts, Knowledge of OS (Windows / Linux).
• Knowledge in Scripting - Perl / Bash
• Knowledge on tools like Nessus, BackTrack etc. is a definite plus
• Familiar with OWASP and Secure SDLC standards
• Excellent communication skills; written and verbal
• Knowledge virtualization security solutions and tools
• In- depth Knowledge TCP/IP, Network Security and application security
• Knowledge of IT Infrastructure, security devices, OS, Databases etc.
• Good understanding of networking protocols and application communications
• Good communication skills both written and verbal.
• Good Presentation and customer interaction skills
• Good analytical capability
• Should be able to deliver and work with challenges in the market
• Ability to build and maintain relationships with a diverse group of clients and internal teams
• Preferred certifications : CISSP, OSCP, OSCE, GPEN, CEH
• Similar experience in any BIG 4 companies preferred

Note: Applications have been closed.

Recent jobs at EY

Viewed: 1588 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend