This job ad has been posted over 30 days ago...



Lead Information Security consultant Full-time

at Secureyes in Banglore (Published at 23-06-2019)

About SecurEyes - SecurEyes is a pure-play information security consulting firm which started in 2005 with global offices & presence at India, UAE, Oman, KSA & USA. It specializes on Risk Assessment, GRC Consulting, Information Security Training and on-demand information security consulting. \r\n\r\n\r\nJob Title Lead Information Security Consultant\r\n\r\nJob Location Bangalore and Travel as per project requirements\r\n\r\nExperience 8-13 years\r\n\r\nJob Description\r\n\r\nLeading the team and coaching/ mentoring team members on technical/functional/ operational/ administrative aspects and expertise.\r\n\r\nProvide strategic direction to the team to excel in fast-paced project delivery in challenging projects.\r\n\r\nDrive customer relationship management, project management and team management\r\n\r\nStrong knowledge of the OWASP, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Direct Object reference, Click jacking, buffer overflows, etc. \r\n\r\nExperience in manual application penetration testing of thick client applications, mobile applications, web services, APIs etc. \r\n\r\nThorough understanding of common web technologies like .NET, PHP, Java, XML, SAML, SOA, SOAP, web services etc and protocols including HTTP(S), DNS, FTP, SSH etc. \r\n\r\nHad performed manual mobile application penetration testing on platforms like Android, IOS etc. \r\n\r\n\r\nGood understanding of web application architecture and Secure development life cycle(SDLC).\r\n\r\nExperience in threat modelling and risk analysis. \r\n\r\nExperience in automated web application vulnerability scanners (e.g., AppScan, Web inspect, Accunetix, Burpsuite Pro, etc) is desirable.\r\n\r\nShould be ready to travel within and outside the country.\r\n\r\nPreparing audit reports and findings tracker sheets for each application in the provided template.\r\n\r\nCommunicate with customer teams to explain and demonstrate vulnerabilities to application/system owners, and assist with the mitigation of the identified vulnerabilities. \r\n\r\n\r\n\r\nSkills required/Expertise:\r\n8+years of proven experience in application security domain\r\nOSCP/CISSP, CISA certification is a plus.\r\nExpertise in web application security testing.\r\nExpertise in mobile application security testing.\r\nStrong organizational, team-work, multi-tasking and time-management skills.\r\nLead at least a team or two to three consultants. \r\nManage a team during project execution as needed for the smooth execution of the project.\r\nExperience in banking domain will be added advantage. \r\nExperience in VA/PT of networks, servers, devices will be added advantage\r\nExperience in static and dynamic secure code review will be added advantage

Recent jobs at Secureyes

Viewed: 501 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend