Senior Security Analyst

Job Description

Job Description

We are looking for a skilled professional to join our organization as a Senior Security Consultant. This position will be responsible for VAPT related activities of clients’ web applications.

Roles & Responsibilities

• Support remediation effort and track open issues to ensure closure of vulnerabilities.
• Follow-up on closure of identified gaps and utilize escalation matrix effectively wherever necessary.
• Perform regular audits to ensure security practices are compliant.
• Keep abreast with new technologies to ensure that the organization remains at the forefront of security.
• Managing a team of vulnerability scanners.
• Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.
• Other tasks as per client’s requirements. Requirements / Key Skills
• In-depth knowledge of security issues, exploitation techniques and remediation measures.
• Hands-on Experience in Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets.
• Hands-on experience with well-known security tools like BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc.
• Strong knowledge regarding mobile application security assessment (Android & iOS).
• In-depth understanding on Common Vulnerability Exposure (CVE) and CWE.
• Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
• Perform in-depth analysis of VAPT results, ability to review assessment reports to provide risk mitigation & recommendations on that basis.
• Relevant experience of at least 3 years.
• Familiarity with OWASP Top 10, SANS Top 25 vulnerabilities along with its validations in source code and other security frameworks & Compliance.
• Good understanding of technologies such as Cloud security and recent trends. Desired Candidate Profile
• Engineering Graduate in CS, IT, EC or InfoSec, Cyber Security or MCA equivalent.
• Certifications Preferred : eJPT, CEH.
• Strong organizational, teamwork, multitasking & time management skills.
• Understanding of Thick client security assessment.
• Outstanding communication abilities. Ability to effectively communicate the required solutions.
• Ability to work under pressure & fast paced environment.
• Strong attention to detail with an analytical mindset & outstanding problem solving skills.
• Sound knowledge of MITRE ATT&CK and D3FENCE framework.
• Keen awareness of cyber security trends & attacking techniques.