Senior Information Security Consultant – Immediate
Job description
The candidate is responsible for establishing, implementing, monitoring, reviewing, and improving all suitable sets of controls for preventing threats to the security of client applications and information assets, ensuring that the business objectives of the organization are met. The candidate should rigorously test, scan, audit, and re-test all scopes in line with international security standards such as OWASP, SANS, and others.
Responsibilities and Scope:
- Applicants should have 5+ years of experience in web application and mobile application security, Network & Cloud Infrastructure Security, and Vulnerability Assessment & Penetration Testing.
- Exploit security flaws and vulnerabilities with attack simulations on multiple applications on the Android and iOS platforms.
- Provide remediation guidance to identified vulnerabilities.
- Manual and automated security testing of Web applications, APIs, and mobile Apps.
- Use automated & manual code review techniques to identify application security vulnerabilities.
- Identify complex vulnerabilities such as business logic flaws and articulate them to both technical and non-technical partners.
- Document and report vulnerabilities and work on periodic vulnerability mitigation and patching.
- Analyze application security policies for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material.
- Develop & maintain security testing plans and automate penetration and other security testing on the applications, systems, networks, and data layers.
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make decisions based on potential security threats & risks.
- Produce actionable, threat-based reports on security testing results.
- Build and maintain relationships with key stakeholders and security partners.
Must-Have:
- The candidate should be a team player with good interpersonal skills and should be able to work independently with minimal supervision in a complex infrastructure environment.
- Certifications: OSCP, OSWE, or any other security certifications.
- Should be a self-driven, self-managed technical team leader.
- Ability to clearly communicate needs and requirements and influence stakeholders with minimal supervision.
- Ability to accurately estimate effort, set and meet periodic delivery deadlines.
- Experience in research and development in Red Team Exercises, Threat Hunting, OSINT, Threat Modelling, and building security tools will be a strong plus.
- A good understanding of DevSecOps, security architecture review, and network security assessments will be an added advantage.
- Hands-on experience with technology and the ability to contribute to the design, development, and support of projects with security recommendations.
Nice to Have:
- Good problem-solving, communication, and documentation skills.
- Ability to anticipate needs and provide creative input that ensures the success of the broader team
- Proficiency in reading modern programming languages, with the ability to quickly learn to read and interpret scripts written by others.
- Ability to lead and drive multiple projects at the same time.
No. of Positions: 4
Note: The candidate is expected to work in diverse consulting engagements and be willing to travel to Middle East countries for project execution at least 50% of their time.
Preference will be given to candidates who can join immediately or within 15 days at the most.
Employment Type: Full-time
Industry
- Information Technology & Services