This job ad has been posted over 30 days ago...



Senior Security Consultant Full-time

at Security Brigade InfoSec Pvt Ltd in Mumbai (Published at 05-04-2019)

Job Title / Designation: Senior Security Consultants rnrnPreferred: Application Security / Penetration Testing / Manual Testing KnowledgernrnExperience Required: Minimum 2 years’ experience in Application Security, Mobile application, Banking experience.rnrnJob Description:rnSecurity Brigade is looking for Senior Application Security Consultants who will be involved in managing the team of junior security consultants, project reviews, delay tracking and customer expectation management. They will be responsible for security assessments and penetration testing of application and enterprise environments as well as security research and development of security tools, processes and testing methodologies.rnrnKey Tasks and Responsibilitiesrn• Train and manage the team of consultants to perform application penetration testing, vulnerability assessments and source code reviews.rn• Profile an application, identifying threats, and developing test cases to target identified threats.rn• Identify and exploit vulnerabilities in applications and networks.rn• Manage project timelines, deadlines and expectations - including customer interactions for the team.rn• Prepare reports documenting identified issues based on internal templatesrn• Interact with customers in a collaborative consultative manor to deliver results, provide feedback and remediation recommendations on findingsrn• Research emerging security topics and new attack vectorsrn• Write tools and scripts to automate technical processes and make audits more efficientrn• Act as a SPOC for major customers and manage the project deliveries.rnrnRequirementsrn• Ability to lead and manage a team of 2 – 3 people. Prior team management experience is a plus.rn• In-depth understanding of security issues, exploitation techniques and remediation measuresrn• Ability to follow an in-depth manual testing process and not just run automated tools and copy paste resultsrn• Development knowledge of any current programming languagesrn• Strong understanding of software and application securityrn• Strong oral and written communication skillsrn• Involvement in software community via OWASP, WASC, Null, ClubHack and/or open source development is highly desirablern• Track record speaking at major security conferences such as OWASP Appsec, SANS Appsec, and Blackhat, Nullcon is highly desirablern• Intercepting proxies (i.e. Burp Proxy, Charles Proxy, Webscarab Proxy, Paros Proxy, etc)rn• Experience with Network Architecture Review and Firewall Rule-base Auditrn• Experience with Source Code Review and Application Architecture Review will be a plusrn• Ability to work on multiple complex assignments simultaneously.rn• Proven ability to excel and innovate.rnGood To Havern• Knowledge or experience of Bug Bounty / Open Sourcern• Experience in Customer Management and Team Management rn• Certification CEH|OSCPrn• Hands-on experience of Scripting Languages like python / perl etc.rnrnWorkplace Perksrn• Technically oriented workplace, work on a variety of interesting and challenging modules and projects, surrounded by hackers, coders and geeks.rn• Casual clothesrn• Team environment, collaborative learning environment, transparent communicationsrn• Generally fun environment with lots of LAN gaming and hackathons in off hours :)rn• Opportunity to advance career at growing company always looking for emerging leaders rnrnCandidate Profile / Criteria: rnTLDR – Passion > EducationrnWe don't require a B Tech or BSc degree, but plenty of the team has them. We always look at capabilities and experience first. rnCandidates with published advisories, tools, research papers, generally anything that can demonstrate you know your stuff when it comes to web and mobile applications will be preferred.rnrnAbout Security BrigadernSecurity Brigade is a pure-play information security consulting firm specializing in delivering high quality services through expert driven manual testing. Founded on the core belief that “Great audits are done by great auditors – not expensive tools”, Security Brigade’s approach is built around strong processes that enable auditors to conduct in-depth manual security audits. rnSecurity Brigade is based out of Mumbai, India and was founded in December 2006. It conducts thousands of audits a year for organizations such as: MakeMyTrip, Network 18, Tata Group, HDFC, Vodafone, IRDA, Reliance Money, Netmagic Solutions among many others. For more information, visit www.securitybrigade.comrn

Recent jobs at Security Brigade InfoSec Pvt Ltd

Viewed: 535 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend