Job Description :
We are actively seeking a skilled and experienced VAPT (Vulnerability Assessment and Penetration Testing) professional to join our dynamic team. The ideal candidate will possess in-depth knowledge of vulnerability assessments and penetration testing (VAPT) for both web and mobile applications.
Key Responsibilities :
- Manual Penetration Testing : Conduct thorough manual penetration testing, including vulnerability scans, security testing, and exploiting identified vulnerabilities to assess the security posture of web and mobile applications.
- Open-Source Intelligence (OSINT) : Leverage open-source intelligence tools and techniques to gather data, conduct reconnaissance, and identify attack vectors against target applications and infrastructure.
- Security Assessments & Reporting : Produce comprehensive reports detailing the vulnerabilities discovered, the associated risks, and the business impact. Provide actionable remediation advice and collaborate with client stakeholders for effective resolution.
- Continuous Learning : Stay abreast of the latest CVEs, vulnerabilities, and exploitation techniques.
- Team Collaboration : Work collaboratively with other security professionals and teams to enhance the overall security posture of client organizations, driving continuous improvement.
Skills & Qualifications :
- VAPT Experience : Minimum of 1+ year of hands-on experience in performing vulnerability assessments and penetration testing across web and mobile
Skills :
- Web Application Security : Expertise in web application security concepts, including knowledge of the OWASP Top 10 and common vulnerabilities such as SQL injection, XSS, CSRF, and remote code
- OSINT : Experience using open-source intelligence (OSINT) tools for reconnaissance and enumeration, such as Recon-ng, Shodan, TheHarvester, and
- Penetration Testing Tools : Proficiency in a wide range of industry-standard penetration testing tools and open-source tools.
- Mobile Application Security : Experience performing security assessments of mobile applications, both iOS and Android, including familiarity with mobile-specific attack vectors like insecure data storage, improper implementation of SSL/TLS, and app reverse engineering.
- Scripting & Automation : Solid knowledge of scripting languages such as Python, Bash, or PowerShell to automate testing tasks and develop custom exploit scripts.
Certifications (Highly Preferred) :
- eWPT (eLearnSecurity Web Application Penetration Tester)
- PNPT (Practical Network Penetration Tester)
- CRTP (Certified Red Team Professional)
- OSCP (Offensive Security Certified Professional)
- Experience : At least 1+ year of hands-on experience in vulnerability assessments, penetration testing, and securing web and mobile applications.
Soft Skills :
- Strong analytical, problem-solving, and troubleshooting skills, with a passion for identifying and mitigating security risks.
- Excellent written and verbal communication skills, with the ability to create clear, concise, and actionable reports for both technical and non-technical audiences.
- Self-motivated with the ability to work independently and manage multiple tasks effectively while maintaining a high level of attention to detail.
- Collaborative team player with the ability to work in a fast-paced environment and coordinate across multiple teams.
(ref : hirist.tech)