This job ad has been posted over 30 days ago...



VA/PT Consultants Full-time

at Auriseg Consulting Private Limited in Chennai (Published at 10-04-2018)

We are looking for an Information Security Consultant with 3-6 years of experience with immediate joining and who are passionate about security threats and vulnerabilities, understand how to break the system from both the Application and network perspective. Who can focus on identifying and assessing vulnerabilities in software systems, Networks and mobile based application.
• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.
• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.
• To actively contribute to the Vulnerability management efforts of the organization via developer query resolution on vulnerabilities and defect tracking to closure.
• Well versed with OWASP – Top Ten and WASC Threat Classifications
• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
• Business‐Logic based application testing
• Penetration testing of Mobile applications and websites.
• Exploitation of the issues found and presenting the impact occurred
• Source Code Reviews – Well versed in Java Secure Code Review
• Expertise in Automated Scanning using CheckMarx and Fortify
• Well versed with OWASP Code Review concepts & identifiers
• Familiar with popular tools: * Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark * Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider * Exploit Toolkits: Metasploit, Exploit DB etc

• Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them
• Good to have programming experience in Java, shell scripting, Perl, or Python
• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.

Skills Mandatory:

• Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile)
• Network Security Testing/Penetration Testing (Network, OS, Databases etc)
• Static Code Analysis/ Secure Code Review

Recent jobs at Auriseg Consulting Private Limited

Viewed: 1151 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend