Careers

KEY RESPONSIBILITIES: • Perform penetration testing that includes internet, intranet, mobile, wireless, web application, web services, social engineering and physical penetration testing. • Execute red team scenarios to highlight gaps impacting organizations security postures. • Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements. • Provide technical leadership and advise to junior team members on attack and penetration test engagements. • Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. • Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. • Execute penetration testing projects using the established methodology, tools and rules of engagements. • Support SDLC and agile environments with application security testing • Develop automated solutions that mitigate risks throughout the organization • Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams • Ability to automate DAST/SAST solutions and reporting • Convey complex technical security concepts to technical and non-technical audiences including executives. To qualify, candidates must have: OUT OF BOX APPROACH • A minimum of 5 years of work experience in penetration testing which includes internet, intranet, mobile, web application penetration tests, wireless, social engineering, and Red Team assessments. • Any two of the following certifications: OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN. • Knowledge of Windows, Linux, UNIX, any other major operating systems. • Deep understanding of TCP/IP network protocols. • Deep understanding and experience with various Active Directory attack techniques. • Understanding of network security and popular attacks vectors. • An understanding of web-based application vulnerabilities (OWASP Top 10). • Experience with manual attack and penetration testing. • Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.).Updated and familiarized with the latest exploits and security trends. • Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement. • Familiarity to perform network penetration testing in stealth manner. • Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan) • Familiarity with static code analysis tools and services (CheckMarx, Fortify Static Code Analysis tool, Veracode, Coverity, IBM AppScan Source) • Familiarity with Secure DevOps Integration Please send your CV to hr@secureminds.co.in Job Location: Delhi/NCR Salary: As per Industry Standard