Skills:
- Experience in information security or related field.
- Experience with computer network penetration testing, black box, grey box and white box assessments techniques.
- Experience in wireless and mobile environment testing.
- Experience in application security testing tools like AppScan, Kali etc.,
- Experience in vulnerability testing tools like Veracode, Blackduck, Nmap etc.,
- Understanding of DevSecOps implementation practices
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Solid understanding of Fintech and Healthcare domain will be added advantage
- IT Security or risk management certifications will add weight to the profile
- Excellent written and verbal communication skills as well as business acumen and a commercial outlook.
Roles and Responsibilities:
- Monitor computer networks for security issues.
- Investigate security breaches and other cyber security incidents.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Document security breaches and assess the damage they cause.
- Work with security team to perform tests and uncover network vulnerabilities.
- Fix detected vulnerabilities to maintain a high-security standard.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Perform penetration testing.
- Help colleagues install security software and understand information security management.
- Research security enhancements and make recommendations to management.
- Stay up to date on information technology trends and security standards.
Other good to have Skills:
- Programming Languages: C, C++, JavaScript, Ruby/Python, SQL, Bash scripting, Powershell Scripting
- DevOps Tools: SonarQube, GitLab, Docker, Kubernetes, Fortify, Veracode, OpenVAS, Contrast Security, Aqua
- Security Assessment Tools: Aircrack-ng, Burp Suite, SQLmap
- Security Frameworks: NIST, SOX, HIPPA
- Operating systems: Linux, Unix, Windows, MacOS