Senior Information Security Engineer - Vulnerability Assessment/Penetration Testing (8-10 yrs)

We are seeking a highly skilled Senior Information Security Consultant with 810 years of experience in cybersecurity, specializing in penetration testing, security code reviews, threat modeling, and consulting for secure application development. The ideal candidate will work across various platforms and technologies, supporting the delivery of secure solutions for financial and telecom applications.

Key Responsibilities :

- Conduct penetration testing for both thin and thick client-based applications.

- Perform security code reviews to identify vulnerabilities in applications.

- Conduct threat modeling to assess potential risks in application architectures.

- Analyze root causes of security defects and deliver strategic recommendations.

- Work with multiple platforms, including Windows and Linux, and various technologies, such as Java and .NET.

- Stay updated with the latest security tools, techniques, and methodologies.

- Collaborate with product development teams to secure financial and telecom applications.

- Provide guidance on best practices to mitigate security risks.

- Identify critical defects and propose effective workarounds or fixes.

- Lead the complete project lifecycle, from capturing customer requirements to delivering secure solutions on time.

- Adhere to best practices and align with customer-specific security requirements for project execution, documentation, and reporting.

- Interact with multi-disciplinary teams to ensure timely achievement of project milestones and checkpoints.

- Prepare detailed and actionable security review reports for stakeholders.

- Document findings, recommendations, and mitigation plans in a clear and professional manner.

- Manage customer relationships at the project delivery level to ensure satisfaction and alignment with expectations.

- Act as a trusted advisor for customers, addressing security concerns and providing expert guidance.

Required Skills and Qualifications :

- Proficient in penetration testing tools and techniques for both thin and thick client applications.

- Strong understanding of threat modeling methodologies and tools.

- Expertise in security code reviews for applications built on Java, .NET, or similar technologies.

- In-depth knowledge of operating systems like Windows and Linux.

- Strong analytical and problem-solving skills.

- Excellent communication and presentation abilities for delivering recommendations and reports to stakeholders.

- Ability to collaborate effectively with cross-functional teams.

- Experience managing end-to-end project lifecycles.

- Strong ability to meet deadlines and deliver high-quality results under pressure.

- Proven ability to manage and maintain strong relationships with customers at the project delivery level.

- Certifications such as OSCP, CEH, CISSP, or similar credentials.

- Experience in securing applications for financial or telecom industries.

- Familiarity with Agile or DevSecOps methodologies.

- Experience with cloud security for platforms like AWS, Azure, or GCP.

- Competitive salary and benefits package.

- Opportunities for professional development and certification support.

- A collaborative and innovative work environment.