This job ad has been posted over 30 days ago...

18

applicants

Senior Security Consultant & Project Manager Full-time

at Auriseg Consulting Private Limited (Anywhere) (Published at 15-02-2018)

Job Description
The successful candidate will perform internal/external network-based, and web application-based security vulnerability assessments and penetration tests based upon General Security Controls, Payment Card Industry (PCI) ASV, ISO 27000 and NESA standards. This person will also perform penetration tests in accordance with industry-accepted methods and protocols.
Projects may include:
• Performing network-based security assessments
• Performing security assessments on Internet-facing applications
• Performing security assessments on software applications
• Performing penetration tests across public networks of customers
• Performing penetration tests across internal networks of customers
• Performing assessments of wireless networks
• Performing assessments of physical security using social engineering
• Working as a team member on multiple engagements to perform technical software and environment testing
• Performing security consultation projects to assist Client’s implement security controls
• Consulting with Client’s on approach and proper implementation of technical security controls
• Developing testing scripts and procedures
• Other security-related projects that may be assigned according to skills
Technological Coverage
1. Infrastructure (Wired / wireless networks) – Required
2. Security Configuration Reviews (Required)
3. Web Applications
4. Mobile Applications
5. Source Code Reviews
Requirements & Responsibilities
1. Understand the Scope of Work for each customer agreement and perform the duties and tasks required by those agreements in an organized, professional manner.
2. Conducts penetration tests and vulnerability assessments against client infrastructure following a standard testing methodology using automated tools, ad-hoc tools, and manual testing.
3. Compile executive and technical reports and make recommendations to findings in responsive fashion.
4. Exploit security flaws and vulnerabilities with attack simulations on multiple projects working against specific customer systems and networks in accordance with an agreed scope of work.
5. Thoroughly document exploit chain/proof of concept scenarios for client consumption.
6. Effectively provide technical risk assessment of technologies in networks, applications, systems, wireless, and perform social engineering.
7. Review and analyze security vulnerability data to identify applicability and false positives.
8. Report on findings and advise customers in remediation activities as required.
9. Research and develop testing tools, techniques, and process improvements.
10. Assist with sales and marketing activities: * Participate in sales calls as an industry expert * Attend conferences as appropriate * Other sales/marketing support duties as requested
Knowledge, Skills and Abilities

  1. Strong technical knowledge in performing manual/ automated network security assessments using open-source and commercial security tools on various operating systems, applications, network & security infrastructure devices.
  2. Excellent up-to-date technical and hands-on knowledge, experience in current attack methods, penetration testing methods, and hacking tools; especially for web applications, required.
  3. Motivated with a desire to learn and to share knowledge.
  4. Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25.
  5. Hands-on experience in Kali Linux, Metasploit, Nexpose, Nmap, Burp, Paros, Nessus, Appscan,Core Impact and other relevant tools.
  6. Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages.
  7. OSCP is desirable.
  8. Experience with reverse engineering, exploit development, mobile, and industrial control systems are a plus.
  9. Excellent communication skills (written & verbal) in English, must be able to present complex technical topics in a clear and structured way, ability to moderate discussions, meetings, and projects. Being able to assume role as a trusted subject matter expert.
  10. Ability to work methodically, independently, and prioritize work
  11. Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude



Recent jobs at Auriseg Consulting Private Limited


Viewed: 750 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend