This job ad has been posted over 30 days ago...

9

applicants

Sr Information security consultant Full-time

at Secureyes in Mumbai (Published at 06-09-2019)

About SecurEyes - SecurEyes is a pure-play information security consulting firm which started in 2006 with global offices & presence at India, UAE, Oman, KSA & USA.Our clients include large Government Organizations, Banks & Financial Services Institutions, International Airlines, Large Trading Houses and Public sector companies across the globe.


Job Title – Sr. Information Security Consultant
Job Location – Mumbai and Travel as per project requirements
Experience – 7- 12 years
Location: Belapur Navi Mumbai

Job Description
• Should have an overall exposure and understanding of Application and Network Security projects and also GRC
• Should have managed comprehensive security projects, that include Application, Network Security and governance aspects
• Strong knowledge of the OWASP Top 10, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Insecure Direct Object reference, Click jacking, buffer overflows, etc.
• Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, API’s etc.
• Experience in Source Code Review of applications
• Should have performed manual mobile application penetration testing on platforms like Android, IOS, etc – both client and server side applications.
• Should have knowledge on Risk Rating Standards like DREAD, CVSS etc.
• Should have good understanding of web application architecture and Secure development life cycle (SDLC).
• Experience in automated web application vulnerability scanners (e.g., AppScan, Web inspect, Accunetix, Burp suite Pro, etc) is desirable.
• Should have prepared audit reports and findings tracker sheets for applications.
• Should be used to researching the latest security best practices, reading up on new threats and vulnerabilities and disseminate this information within the team as well as the organization.
• Should have performed Black-Box / Grey Box External Network VA/PT assessments following structured phases
• Should have performed Secure Configuration Review of infrastructure platforms including OS (Windows, Linux, AIX, Solaris etc) and DBs (Oracle, MSSQL, Sybase, MySQL), Webservers (Apache, IIS), Network devices (Switches, Routers), Security devices (Firewalls, IPS, IDS, WAF) and validate the configurations against CIS benchmarks for respective platforms using tool based and manual.
• Should have created comprehensive assessment report with details of vulnerabilities identified, categorization of the risks by assessment of potential impact and detailed remediation/recommendation for all the identified risks.
• Review Policies and SOPs associated with secure network/infrastructure implementations.
• Should have experience in Leading the team and coaching/ mentoring team members on technical/functional/ operational/ aspects and expertise relevant to Application and Network security assessments.
• Should be ready to travel within and outside the country


Skills required/Expertise:
• 10-12 Years of proven experience in application security and network VA-PT domain with exposure to GRC
• Should have excellent client liasoning, customer relationship and project management skills.
• Graduate in CS, IT, EC or Info Sec or Cyber Sec or MCA
• Proficient in written and oral English communication skills.
• Strong organizational, team-work, multi-tasking and time-management skills.
• Lead at least a team or two to three consultants.
• Manage a team during project execution as needed for the smooth execution of the project.
• Experience in banking domain will be added advantage.
• Leading the team and coaching/ mentoring team members on technical/functional/ operational/ administrative aspects and expertise.
• Supporting a fast-paced delivery in challenging projects,
• Provide strategic direction to the team to excel in fast-paced project delivery in challenging projects.
• Should be result-oriented and able to deliver within defined deadlines. Should value quality and client-satisfaction at minimum
• Should be able to work in a diverse team and should be able to adapt to various challenging customer environments






Recent jobs at Secureyes


Viewed: 222 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend