This job ad has been posted over 30 days ago...



Security Analyst- Security Tester Full-time

at CipherCloud India Pvt Ltd in Hyderabad (Published at 12-07-2014)

Key Responsibilities:

Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients

Review and define requirements for information security solutions

Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)

Participate in Security Assessments of networks, systems and applications

Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets

Job Requirements:

Bachelor degree or higher, technical discipline preferred

Two years of working experience in IT Security, preferably with exposure to application security testing (source code review and application penetration tests)

Working knowledge of Security principles, techniques and technologies

Good understanding of network protocols, design and operations

Strong analytical skills and efficient problem solving

Willingness to travel

Willingness to learn

Good English communication skills (written and oral)

Skills Required

1. CISSP, CISA, CEH, OSCP or other information security certifications

2. Proficiency with vulnerability assessment processes and tools: OWASP, Metasploit, nmap, nessus, Burp Suite, Webinspect, etc.

3. Understanding of security as it relates to multiple operating systems: HPUX, Linux, AIX, Windows, z/OS, etc

4. Understanding of access control, authorization and authentication technologies: PAM, Active Directory, LDAP, etc.

5. Understanding of securing fundamental networking protocols: DNS, HTTP, TCP, UDP, TLS, IPSEC, 802.1x, NFS

6. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.)

7. Understanding of risk modeling concepts and frameworks (STRIDE, DREAD, FAIR, etc.)

8. Strong background in data driven information security decision making and prioritization

9. Proficiency with web application vulnerabilities(testing and remediation). i.e. OWASP top10

10. Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE

11. Vulnerability and threat management experience

12. Experience with various security tools and products (Fortify, AppScan, etc…)

13. Good understanding of the components of a secure DLC/SDLC

14. Vulnerability analysis and application reversing skills

15. Understanding of cryptography principles

Note: Applications have been closed.

Recent jobs at CipherCloud India Pvt Ltd

Viewed: 2401 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend