Vulnerability Assessment & Penetration Testing Engineer - Information Security (4-10 yrs)

Job Title : VAPT-(Vulnerability Assessment & Penetration Testing)

Location : Pune, Chennai, Bangalore

Skills : Metasploit,Nessus , Vulnerability Management

Job Summary :

As an Information Security Consultant, candidate have to lead, manage and execute enterprise-wide security projects. Candidate have to engage with onshore team to understand their security needs, scope solutions and initiatives, drive the creation of project deliverables such as assessment reports, executive summaries, and support in the delivery of the project

Responsibilities & Skills :

- Lead and execute vulnerability assessment using Nessus

- Performing penetration testing using manual techniques and automated tools along with runtime vulnerability testing tools.

- Automate frequently executed controls with the aim to drive efficiency and increase coverage in assessments Risk analysis and identification

- Performing Configuration review of servers/ network devices/ database servers.etc.

- Integrating VM program within Application framework and lifecycle models such as waterfall, Rational Unified Process and Agile software development.

- Engage with the clients to understand the requirements, provide regular updates,answer queries and present the reports and findings.

- Implement Vulnerability Management Program across enterprise.

- Strong understanding on discovered vulnerabilities and discussion with various stake holders on the mitigation plan.

- Develop the strategy & technology roadmap for the vulnerability mitigations

- Strong understanding on Minimum baseline security standards as per security benchmarks.

- Manage & mentor a complex & diverse team of VMaaS specialists and develop junior resources

- Understanding on cloud security

- Attend technical engagement with audit, regulators and third parties, when required.

- Should have knowledge on various Hardening benchmarks of tools in terms of security not limited to CIS, NIST and Audit them

- Stay updated with the latest developments in the information security space.

- Stay updated latest critical and high security advisory to respective customers and stake holders and mitigation planning