Thanks for usingCareesma. Job Offer printed on the 16/11/2018.

Application Penetration Testing Analyst

Mumbai, Maharashtra

Placewell Consultant

Job Description

Position Application Penetration Testing Analyst
Business Unit Technology
Job Family Business Support
Location Mumbai Vikhroli
Reporting to Information Security Manager
Job Level Senior Officer/ Assistant Manager

Look for candidates with 3 8 years experience

Candidates with prior experience in coding is must

As per my latest discussion with counterparts candidates are majorly lacking on coding skills and since they are the guard for hacking it would not make sense of hiring a resource who does not bring the relevant skillsets. Hence the profiles in pipeline are rejected during resume screening exercise

Ideal candidate would be someone who has done web api testing,mobile testing,app testing,etc

Job Location Vikhroli

Shifts - UK rotational

No gaps in education 10,12,Grad

All experience and relieving documents in place


Principal Duties/Responsibilities
Application Penetration Testing
Design, and execute penetration tests against target applications across a wide variety of products and platforms
Conduct threat modelling activities around new technology applications.
Maintain a register of applications requiring annual penetration tests.
Work with 3rd party providers to scope and schedule penetration tests for applications as part of the software development li fecycle and BAU applications
requiring regularly scheduled testing.
Assess penetration test findings and liaise with development teams to remediate identified vulnerabilities.
On a sampling basis, validate and assure the consistency of penetration test findings.
Escalate quality assurance issues to 3rd party penetration testing providers completing tests on WTW behalf.
Articulate penetration test findings in both technical and non-technical language dependent on the audience (both technical and business stakeholders) allowing
them to make informed risk based decisions on how vulnerabilities should be addressed.
Track identified vulnerabilities through to remediation, mitigation or risk acceptance.
Communications and Relationships
Internal:
With the IT Security Directors and Security Team; Information Security Programme Manager, Project Managers, Risk & Compliance, and IT.
External:
With external development teams at suppliers and vendors.
Competencies
Global Business Knowledge
Cross-Cultural Resourcefulness
Cross-Cultural Agility
Assignment Hardiness
Cross-Cultural Sensitivity
Humility
Conflict Management
Organizational Agility
Customer Focus
Integrity and Trust
Personal Learning

Qualifications:
Qualified to degree level, preferably in IT or security related subject.
Be interested in developing skills and knowledge in information security, and willing to work towards appropriate professional qualifications.
OSCP,GWAPT certification would be an added advantage
Skills
The ideal candidate must have solid programming/debugging skills with proficiency in one or more of the following; Java, JavaScript, HTML, XML, PHP,
ASP.NET, AJAX, JSON, Objective-C, Perl, Python, Ruby, Bash.
Strong understanding about enterprise wide technologies including database, operating system, web application, middleware, etc.
Knowledge of applied cryptographic protocols
Experience with security assessment tools, including Metasploit, Burp Suite Pro .
Proven ability to work in global collaborative group environment
Experience working with a high degree of autonomy, managing own workload and delivering to tight timescales
Strong communication skills, both oral and written
A solid foundational understanding of TCP/IP.
Team player with good interpersonal skills
Organised and methodical
Willing to challenge and desire to learn
Ability to communicate technical concepts to nontechnical disciplines
Good communication skills, both orally and in writing
Ability to communicate and collaborate effectively with other team members in a geographic and culturally diverse workforce
Knowledge/Experience:
Essential
Knowledge in application development, DevOps
Thorough understanding of network protocols, data on the wire, reverse engineering, covert channels, data obfuscators, ciphers and shell scripting
Knowledge of systems and application security vulnerabilities
Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, HTTP/HTTPS, REST, Cookies)
Expert-level experience and very detailed technical knowledge in at least three of the following areas: general information security ; security engineering;
application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile
frameworks; single sign-on technologies; exploit automation platforms; RESTful web services.
Beneficial
Application Development experience of Around 3 years
IT security, service delivery, systems development or similar experience
Experience of managing own workload and delivering to tight timescales.
Regulatory Requirements
Other e.g. location / business specific Inc. language skills etc.
Fluent Business English essential.
Other languages are an advantage.
This role will be based in a geographic location appropriate to the needs of the business, and appropriate local l anguage skills may be required.
Some travel between offices may be required, including international travel.

Company Description

Having forged a strong network of corporate relations, with our ability to serve them for HR... requirements and training Programmes with our Expertise acquired through years, Finish assignments before deadlines, along with being accurate to the requirements, has made us a force in reckoning.   Read full description

Additional Information

Last updated:
02/06/2018
Job type:
Full time
Position type:
Permanent
Vacancies:
1
Minimum experience:
Between three and five years
Education:
Compulsory Education
Salary range:
₹ 4,75,000 - ₹ 9,75,000 / Yearly (Gross Pay)
Category:
Jobs in Quality / Testing / Process Control
Go to Top