23
applicants
Security Consultant (2 yr and above)
at SecureLayer7 Technologies Pvt Ltd in Pune (Published at 02-12-2019)
Candidate has to focus on identifying and assessing vulnerabilities in software systems, Networks and mobile based application.
• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.
• Work closely with Application Developers/architects to track the security defects to closure
• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.
• Well versed with OWASP – Top Ten
• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
• Business‐Logic based application testing
• Penetration testing of Mobile applications and websites.
• Exploitation of the issues found and presenting the impact occurred
• Source Code Reviews
• Familiar with popular tools:
o Application Proxy: Burp suite, Paros, OWASP ZAP, Wire Shark
o Vulnerability Scanners: IBM AppScan, HP Web Inspect, Nessus, NTO Spider
o Exploit Toolkits: Metasploit, Exploit DB etc
Required Technical Competencies. • Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them
• Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities
• Good to have programming experience in Java, shell scripting, Perl, or Python
• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.
Skills Required (Mandatory) • Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile)
• Network Security Testing/Penetration Testing (Network, OS, Databases etc)
• Static Code Analysis/ Secure Code Review
• Security defect Tracking and working closely with Developers to fix the issue
Candidates who have Bug Bounty Experience and have Hall of Fame will be preferred.
• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.
• Work closely with Application Developers/architects to track the security defects to closure
• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.
• Well versed with OWASP – Top Ten
• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications
• Business‐Logic based application testing
• Penetration testing of Mobile applications and websites.
• Exploitation of the issues found and presenting the impact occurred
• Source Code Reviews
• Familiar with popular tools:
o Application Proxy: Burp suite, Paros, OWASP ZAP, Wire Shark
o Vulnerability Scanners: IBM AppScan, HP Web Inspect, Nessus, NTO Spider
o Exploit Toolkits: Metasploit, Exploit DB etc
Required Technical Competencies. • Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them
• Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities
• Good to have programming experience in Java, shell scripting, Perl, or Python
• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.
Skills Required (Mandatory) • Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile)
• Network Security Testing/Penetration Testing (Network, OS, Databases etc)
• Static Code Analysis/ Secure Code Review
• Security defect Tracking and working closely with Developers to fix the issue
Candidates who have Bug Bounty Experience and have Hall of Fame will be preferred.