Vulnerability Assessment and Penetration Testing (VAPT) Engineer
Ahmedabad, Gujarat
Position type
Web application, Mobile Application & Networks
Min 1 year of experience working in same domain on corporate projects
Salary Range
1.80L – 2.64L PA

Responsibilities :

  • Design, implement, and support VAPT solutions identified as necessary for the protection of Firm assets

  • Serve as the system owner for common VAPT toolsets, platforms, and processes, and engage in continual environmental monitoring to understand the threat environment relative to the organization

  • Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools

  • Map out a network, discover ports and services running on the different exposed network and security devices

  • Conduct penetration tests and launch exploits using Nessus, Metasploit, and Backtrack penetration testing distribution tool sets

  • Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption

  • Analyze scan reports and suggest remediation / mitigation plan

  • Keep track of new vulnerabilities on various network and security devices for different vendors. Provide innovation within the context of the Vulnerability and Penetration Testing (VAPT) program in relation to both process and technology

  • Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices

  • Advanced technical analysis on intrusions

  • Audit configuration of Network and Security devices

  • Provide rich client-specific reports and assessment reports that are easily understandable by the target audience and include practical and reasonable recommendations based upon sound risk management principles. Should be able to deliver management summary presentations and present findings to technical staff and executives.

  • Should be ready to perform at client site for required time periods at required locations

  • Maintain assigned systems to ensure availability, reliability, integrity, including the oversight of current and projected capacity, performance, and licensing

  • Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors

  • Mentor junior members of the VAPT group and provide constructive consultation to other peer groups such as Development

  • Provide exemplary customer service by striving for first call resolution and demonstrating empathy, respect, professionalism, and expertise

  • Participate in the creation of video materials related to cyber attacks as and when required

Essential Criteria :

  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking

  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables

  • Extensive experience with common automated VAPT tools such as Nessus, Appscan, Burp Suite, Nipper, Trustwave, NetCat, NMAP, Backtrack, Metasploit, HPing, and similar tool sets like RetinaCS, Qualys, McAfee (Foundstone)

  • Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)

  • Ability to validate the presence of identified vulnerabilities with accuracy

  • Mastery of common application platforms and technologies in order to effectively understand and evaluate complex application assessments via the use of manual techniques and simple tools such as proxies and browser plugins

  • Authoritative understanding of OWASP, CVE, general security controls, and other foundational topics such as the latest application and operating system exploits

  • Analytical thinker willing to “think outside the box” to resolve customer impacting situations on first contact; understand customer risk profile

  • Self-starter with the ability to deliver under defined timelines

  • Knowledge of common scripting and programming languages is advantageous.

  • Ongoing commitment to understanding the threat landscape and common adversary/motivations/practices. Ability to quickly adapt practices to evolving circumstances

Technical & Practical Skills :

  • Ability to maintain critical thinking and composure under pressure.

  • Strong written and oral communication skills. Ability to convey complex concepts to nontechnical constituents. Proficiency in oral and written English.

  • Capable of providing assistance with the preparation of internal/external training materials and documentation

  • Ability to be productive and maintain focus without direct supervision

  • Understands VAPT in the context of risk management and organizational priorities

  • Passionate in the practice and pursuit of VAPT excellence

  • GIAC GPEN or GWAPT preferred

  • Offensive Security OSCP preferred

Interested candidates can send their resume at [email protected] with title: “APPLY for VAPT”