AmbitionBox
Search
Jobs
- Reviews
- Salaries
- Interview Questions
- About Company
- Benefits
- Jobs
- Office Photos
- Community
Add office photos
All Filters
145 Hitachi Jobs
ECP Sr Security Tester
Hitachi
posted 3hr ago
Job Role Insights
Flexible timing
Key skills for the job
Job Description
We are seeking a Senior Security Tester with 8-10 years of experience to join our security team.
In this role, you will be responsible for identifying, analyzing, and mitigating security vulnerabilities across applications, networks, and cloud infrastructure.
You will leverage Rapid7 tools (such as InsightVM, Nexpose, Metasploit), Datadog for security observability, and perform security assessments within AWS environments while ensuring compliance with HIPAA regulations.
Your expertise will help guide our security testing processes, maintain a strong security posture, and ensure our systems meet critical healthcare data protection standards..
Key Responsibilities:.
Security Testing Vulnerability Management: Perform in-depth security assessments of web and mobile applications, network infrastructures, and cloud environments (AWS) using Rapid7 tools (e.g., InsightVM, Nexpose, Metasploit) to identify vulnerabilities such as SQL injection, XSS, and privilege escalation..
Penetration Testing: Lead penetration testing efforts on applications, networks, and cloud services, using tools like Rapid7 Metasploit to simulate real-world attacks.
Identify vulnerabilities and provide detailed recommendations for risk mitigation..
AWS Security Testing Cloud Assessments: Conduct security assessments of AWS environments, ensuring configurations are secure and compliant with industry standards and best practices.
Perform security tests for AWS services (EC2, S3, RDS, IAM) and configurations such as VPC, security groups, and IAM roles to prevent unauthorized access or misconfigurations..
HIPAA Compliance: Ensure that security testing aligns with HIPAA compliance requirements, focusing on the protection of sensitive healthcare data.
Work with compliance teams to verify that security testing, vulnerability assessments, and incident response procedures adhere to HIPAA guidelines for data encryption, access controls, and data breach notification..
Real-Time Security Observability: Leverage Datadog for security monitoring, incident detection, and observability in real-time.
Track key security metrics, identify unusual patterns or anomalies, and respond promptly to potential incidents..
Automated Security Testing: Integrate security testing tools like Rapid7 InsightVM into CI/CD pipelines to automate vulnerability scanning and security assessments, improving the efficiency of security operations..
Security Code Reviews: Review application code for potential security flaws, particularly in environments subject to HIPAA, ensuring secure coding practices are followed.
Identify vulnerabilities related to data handling, encryption, and authentication mechanisms..
Security Standards Compliance: Ensure security testing procedures comply with industry standards, including OWASP Top 10, NIST, ISO 27001, PCI DSS, and HIPAA.
Provide regular security reports that demonstrate compliance and identify areas of improvement..
Reporting Documentation: Document findings from security assessments, penetration tests, and cloud assessments, detailing risks, vulnerabilities, and mitigation strategies.
Provide clear reports for both technical and non-technical stakeholders..
Mentorship Leadership: Mentor junior team members in security testing techniques, tool usage (including Rapid7 and Datadog), and best practices.
Foster a culture of continuous learning and improvement within the team..
Continuous Research Improvement: Stay current with emerging security threats, vulnerabilities, and technologies.
Participate in the development and continuous improvement of security testing methodologies and processes..
Required Qualifications:.
Experience: 8-10 years of hands-on experience in security testing, vulnerability assessments, penetration testing, and cloud security, particularly in AWS environments.
Expertise in using Rapid7 tools (e.g., InsightVM, Nexpose, Metasploit) and Datadog for security observability..
Technical Skills:.
Expertise in vulnerability management and penetration testing, including experience with Rapid7 InsightVM and Metasploit..
Extensive experience in security testing and assessments within AWS environments (e.g., EC2, S3, IAM, RDS, Lambda)..
Experience ensuring compliance with HIPAA regulations, particularly regarding the security of protected health information (PHI), data encryption, and access controls..
Familiarity with Datadog for real-time security monitoring, incident detection, and observability..
Strong understanding of common web application vulnerabilities (e.g., SQL injection, XSS) and network security risks..
Experience integrating security testing into CI/CD pipelines for automated vulnerability scanning and security validation..
Certifications (Preferred):.
Certified Ethical Hacker (CEH).
Offensive Security Certified Professional (OSCP).
Certified Information Systems Security Professional (CISSP).
GIAC Web Application Penetration Tester (GWAPT).
Certified Cloud Security Professional (CCSP).
AWS Certified Security Specialty.
Soft Skills:.
Excellent communication skills with the ability to convey complex security concepts to both technical and non-technical audiences..
Strong problem-solving and analytical abilities..
Leadership skills and the ability to mentor junior team members..
Detail-oriented with a strong passion for cybersecurity and compliance..
Desired Experience:.
Experience securing applications and infrastructure within AWS, including setting up secure networking (VPC), IAM policies, and security best practices for EC2, S3, and other AWS services..
Hands-on experience with HIPAA compliance requirements, such as encryption (at rest and in transit), access control, audit logging, and incident response for healthcare applications..
Familiarity with containerized applications (Docker, Kubernetes) and their security testing..
Experience with automated testing frameworks and integrating them into DevSecOps workflows..
Working Environment:.
Collaborative and dynamic work environment with opportunities for growth and development..
Flexible work options, including remote or hybrid arrangements (depending on location)..
Access to cutting-edge security tools and technologies..
Preferences:.
Job Overview:.
We are seeking a Senior Security Tester with 8-10 years of experience to join our security team.
In this role, you will be responsible for identifying, analyzing, and mitigating security vulnerabilities across applications, networks, and cloud infrastructure.
You will leverage Rapid7 tools (such as InsightVM, Nexpose, Metasploit), Datadog for security observability, and perform security assessments within AWS environments while ensuring compliance with HIPAA regulations.
Your expertise will help guide our security testing processes, maintain a strong security posture, and ensure our systems meet critical healthcare data protection standards..
In this role, you will be responsible for identifying, analyzing, and mitigating security vulnerabilities across applications, networks, and cloud infrastructure.
You will leverage Rapid7 tools (such as InsightVM, Nexpose, Metasploit), Datadog for security observability, and perform security assessments within AWS environments while ensuring compliance with HIPAA regulations.
Your expertise will help guide our security testing processes, maintain a strong security posture, and ensure our systems meet critical healthcare data protection standards..
Key Responsibilities:.
Security Testing Vulnerability Management: Perform in-depth security assessments of web and mobile applications, network infrastructures, and cloud environments (AWS) using Rapid7 tools (e.g., InsightVM, Nexpose, Metasploit) to identify vulnerabilities such as SQL injection, XSS, and privilege escalation..
Penetration Testing: Lead penetration testing efforts on applications, networks, and cloud services, using tools like Rapid7 Metasploit to simulate real-world attacks.
Identify vulnerabilities and provide detailed recommendations for risk mitigation..
AWS Security Testing Cloud Assessments: Conduct security assessments of AWS environments, ensuring configurations are secure and compliant with industry standards and best practices.
Perform security tests for AWS services (EC2, S3, RDS, IAM) and configurations such as VPC, security groups, and IAM roles to prevent unauthorized access or misconfigurations..
HIPAA Compliance: Ensure that security testing aligns with HIPAA compliance requirements, focusing on the protection of sensitive healthcare data.
Work with compliance teams to verify that security testing, vulnerability assessments, and incident response procedures adhere to HIPAA guidelines for data encryption, access controls, and data breach notification..
Real-Time Security Observability: Leverage Datadog for security monitoring, incident detection, and observability in real-time.
Track key security metrics, identify unusual patterns or anomalies, and respond promptly to potential incidents..
Automated Security Testing: Integrate security testing tools like Rapid7 InsightVM into CI/CD pipelines to automate vulnerability scanning and security assessments, improving the efficiency of security operations..
Security Code Reviews: Review application code for potential security flaws, particularly in environments subject to HIPAA, ensuring secure coding practices are followed.
Identify vulnerabilities related to data handling, encryption, and authentication mechanisms..
Security Standards Compliance: Ensure security testing procedures comply with industry standards, including OWASP Top 10, NIST, ISO 27001, PCI DSS, and HIPAA.
Provide regular security reports that demonstrate compliance and identify areas of improvement..
Reporting Documentation: Document findings from security assessments, penetration tests, and cloud assessments, detailing risks, vulnerabilities, and mitigation strategies.
Provide clear reports for both technical and non-technical stakeholders..
Mentorship Leadership: Mentor junior team members in security testing techniques, tool usage (including Rapid7 and Datadog), and best practices.
Foster a culture of continuous learning and improvement within the team..
Continuous Research Improvement: Stay current with emerging security threats, vulnerabilities, and technologies.
Participate in the development and continuous improvement of security testing methodologies and processes..
Required Qualifications:.
Experience: 8-10 years of hands-on experience in security testing, vulnerability assessments, penetration testing, and cloud security, particularly in AWS environments.
Expertise in using Rapid7 tools (e.g., InsightVM, Nexpose, Metasploit) and Datadog for security observability..
Technical Skills:.
Expertise in vulnerability management and penetration testing, including experience with Rapid7 InsightVM and Metasploit..
Extensive experience in security testing and assessments within AWS environments (e.g., EC2, S3, IAM, RDS, Lambda)..
Experience ensuring compliance with HIPAA regulations, particularly regarding the security of protected health information (PHI), data encryption, and access controls..
Familiarity with Datadog for real-time security monitoring, incident detection, and observability..
Strong understanding of common web application vulnerabilities (e.g., SQL injection, XSS) and network security risks..
Experience integrating security testing into CI/CD pipelines for automated vulnerability scanning and security validation..
Certifications (Preferred):.
Certified Ethical Hacker (CEH).
Offensive Security Certified Professional (OSCP).
Certified Information Systems Security Professional (CISSP).
GIAC Web Application Penetration Tester (GWAPT).
Certified Cloud Security Professional (CCSP).
AWS Certified Security Specialty.
Soft Skills:.
Excellent communication skills with the ability to convey complex security concepts to both technical and non-technical audiences..
Strong problem-solving and analytical abilities..
Leadership skills and the ability to mentor junior team members..
Detail-oriented with a strong passion for cybersecurity and compliance..
Desired Experience:.
Experience securing applications and infrastructure within AWS, including setting up secure networking (VPC), IAM policies, and security best practices for EC2, S3, and other AWS services..
Hands-on experience with HIPAA compliance requirements, such as encryption (at rest and in transit), access control, audit logging, and incident response for healthcare applications..
Familiarity with containerized applications (Docker, Kubernetes) and their security testing..
Experience with automated testing frameworks and integrating them into DevSecOps workflows..
Working Environment:.
Collaborative and dynamic work environment with opportunities for growth and development..
Flexible work options, including remote or hybrid arrangements (depending on location)..
Access to cutting-edge security tools and technologies..
Preferences:.
Job Overview:.
We are seeking a Senior Security Tester with 8-10 years of experience to join our security team.
In this role, you will be responsible for identifying, analyzing, and mitigating security vulnerabilities across applications, networks, and cloud infrastructure.
You will leverage Rapid7 tools (such as InsightVM, Nexpose, Metasploit), Datadog for security observability, and perform security assessments within AWS environments while ensuring compliance with HIPAA regulations.
Your expertise will help guide our security testing processes, maintain a strong security posture, and ensure our systems meet critical healthcare data protection standards..
Employment Type: Full Time, Permanent
Read full job descriptionHitachi Interview Questions & Tips
Prepare for Hitachi roles with real interview advice
What people at Hitachi are saying
What Hitachi employees are saying about work life
based on 630 employees
Flexible timing
Monday to Friday
No travel
Day Shift
Hitachi Benefits
Submitted by Company
Job Training Health Insurance Soft Skill Training 
Cafeteria
Submitted by Employees
View more benefits 
Compare Hitachi with
Siemens
Compare
Bosch
Compare
Schneider Electric
Compare
ABB
Compare
Mitsubishi Electric
Compare
Toshiba
Compare
Emerson Electric Co.
Compare
Honeywell Automation
Compare
Johnson Controls
Compare
GE
Compare
TÜV SÜD
Compare
John Crane Sealing Systems India
Compare
GE Transportation
Compare
Flowserve
Compare
KONE
Compare
Caterpillar Inc
Compare
ECE Elevators
Compare
GKN
Compare
Alfa Laval
Compare
Valmont Structures
Compare
Similar Jobs for you
Hitachi Noida Office Location
Noida Office
B-23, 1st Floor, Sector-2, Dist. G.B. Nagar, B Block, Sector 2, Noida, Uttar Pradesh 201301, India
Noida
View on map
SR Oracle Fusion Technical Analyst Cash Management 4
4-7 Yrs
Hyderabad / Secunderabad
Share an Interview