Security Consultant – Testing and Assurance / VAPT
Role | Security Consultant – Testing and Assurance / VAPT |
Job type | Full-time |
Experience | 3+ Yrs |
Location | Hyderabad, India |
Reports to | Security Lead |
Reportees | Nil |
Job Responsibilities & Experience
- Possess a Bachelor’s Degree
- Certification desired – CEH, OSCP, ECSA etc
- A minimum of 3 years of experience in information security with a focus on vulnerability assessment and penetration testing
- Sound knowledge of application security concepts, approach, and methodology.
- Sound knowledge of VAPT concepts and best practices.
- Good understanding of Networking concepts
- Understanding of packets
- Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
- Extensive experience with common automated VA/PT tools such as Nessus, Appscan, Burp Suite, Nipper, Acunetix, OWASP ZAP, etc.
- Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Backtrack, Metasploit, etc.
- Ability to validate the presence of identified vulnerabilities with accuracy
- Mastery of common application platforms and technologies in order to effectively understand and evaluate complex application assessments via the use of manual techniques and simple tools such as proxies and browser plugins
- Authoritative understanding of OWASP, CVE, general security controls, and other foundational topics such as the latest application and operating system exploits
- Ongoing commitment to understanding the threat landscape and common adversary motivations/practices
- Ability to quickly adapt practices to evolving circumstances.
- Knowledge of common scripting and programming languages is advantageous.
- Communication Skills:
- With stakeholders on project performance and project issues.
- Ability to maintain critical thinking and composure under pressure.
- Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English.
- Ability to be productive and maintain focus without direct supervision.
- Understands VAPT in the context of risk management and organizational priorities.