IT Security Consultant

Job Responsibilities:

• Uses manual testing techniques and methods to gain a better understanding of the applications/mobile app environment and reduce false negatives
• SME in Infrastructure and/or Application Security and provides consultative recommendations in discussions related to Vulnerability Assessment and Penetration Testing
• Documents findings and recommendations, and present with stakeholders from technical team (Development, Infrastructure) and non-technical team (Operations, Management)
• Performs Vulnerability Assessment and Penetration Testing

Qualifications:

• 2-3 years experience in security testing (VAPT, Source Code Review, Configuration Review, Architecture Review, Controls Review) (Preferred)
• Strong knowledge in System & Network Infrastructure, API and Mobile Application Development (Preferred)
  
• Experience of working on Unix, Windows & Linux platforms
• In-depth knowledge of OWASP Top 10 and CVEs, and the ability to effectively communicate methodologies and techniques with development teams and operations
• Hands-on experience with security testing tools such as Nessus, Burpsuite, Qualys and others
• Basic knowledge on information security standards and guidelines such ISO 27001/2, NIST, and CIS
• Understanding of Cloud Compute, Storage, Security and Virtualization best practice
• Has good communication skills to explain technical details with both technical team and non-technical team
  
  Has at least one of the following certifications:
• CompTIA Security +
• EC Council CEH or Mile2 CPEH
• ISMS Lead Auditor or ISACA CISA
• Other certifications with ISC2, CompTIA, EC Council, OSCP, CREST or SANS

G