This job ad has been posted over 30 days ago...



Security Tester Full-time

at Pylon Management Consulting in Banglore (Published at 03-08-2012)

Company: A leading MNC

Department Description: A leading professional services firm with over 135,000 people working together to deliver value in more than 140 countries by providing deep industry insights in Audit, Tax & Advisory. Recorded over US$20 billion dollars in revenue in 2008.

Detailed Description:

· Capable of profiling threats and vulnerabilities in Web Applications, databases and Web Services

· Hands-on experience in performing penetration testing (blackbox/grey-box testing) and code reviews. Exposure to threat modeling will be a value add.

· Must be able to assist with remediation strategy and consulting for identified vulnerabilities
· Must be able to demonstrate vulnerabilities with valid PoCs

· Identify and clearly articulate (written and verbal) findings to senior management and clients

· Help identify improvement opportunities for assigned clients
Supervise and provide performance management for IT staff working on assigned engagements

Additional Details:

· Bachelor’s degree in an appropriate field from an accredited college/university

· Candidates with atleast one to two years of programming background in in .Net, j233/Java, Ruby, or C/C++ will be preferable

· Operating System Configuration and Security experience (HP-UX, Linux, Solaris, AIX, etc.)

· Configuration and Security experience with Web Servers and Web Applications (Apache HTTP/Tomcat, Microsoft IIS, Sun One, Oracle iPlanet, IBM WebSphere,etc.)

· Database Configuration and Security experience (MySQL, Microsoft SQL, IBM DB2, Sybase, Oracle, etc.)

· Web Service experience (SOAP, WSDL, UDDI) from the security standpoint

· Experience with web application testing and development frameworks, such as the Open Web Application Security Project (OWASP)

· Experience with discovering and demonstrating web application vulnerabilities such as Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Injection Flaws, Remote file inclusion (RFI) and SQL Injection

· Exposure to commercial Application Security tools experience (AppScan, WebInspect, Acunetix, etc.)

· Familiarity with Web Proxy tools like Achilles, Burp, Paros, Web Scarab etc.

· One or more of the following certifications: Sun Certified Java Developer® (SCJD®); Microsoft Certified Solution Developer® (MCSD®) for .NET; Certified Information Systems Security Professionals® (CISSP®); Certified InformationSystems Auditor® (CISA®); Certified Ethical Hacker (CEH); SANS/GIAC

· Track record with published content / research work in the information security field

· Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client’s senior management team

- Akshat Kaul

Note: Applications have been closed.

Recent jobs at Pylon Management Consulting

Viewed: 1927 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend