Job Description:

To operate in Cyber Defence - security service for penetration testing Proactively discover vulnerabilities and ensure mitigation actions are deployed in the defined time schedule To manage andoversee all penetration testing projects, push vulnerability remediation, ensure to meet all defined SLAs and KPIs for the services provided by the teams Manage & administrate penetration-testing activities & ensure effectivecontrols are in place to detect vulnerabilities across Vodafone infrastructure, services and applications

Execute security assessments and penetrationtests to highlight and clearly articulate risk to the business in terms they understand
Create scope definition of security tests and provide detailed technical reports of security tests with analysis results and recommended action plan for remediation
Create monthly and weekly reports on the Penetration testing activities and Participate in the senior management meeting to update the monthly/weeklystatus
Maintain and operate the tools, devices and lab environment needed for security tests
Contribute to the creation and maintenance of Group level policies and guidelines concerning security assessment and testing
Proactively discovervulnerabilities in Vodafone environments and produce defensive techniques and reports the analysis of vulnerability and remediation action with POC of exploits
Act as primary technical subject matterexpert for security testing
Lead and oversee the work of junior colleagues in the team while executing remote or on-site tests
Accountable for the overall test execution, quality of work and deliverables of assigned security test engagements
Holdregular presentations and workshops on new techniques and methods both within and outside of the team
Responsible for the continuous development of security testing services and processes
Perform vulnerability research to identify new, previously unknown and unpublished vulnerabilities
Develop exploits and proof of concept (POC) code to demonstrate feasibility of certain attacks

Key accountabilities and decision ownership

Impact on the business

Executes security testing for the Vodafone assets to highlight and clearly articulate risk to the business

Participates in the scope definition of security testing and Vulnerability management

Acts as primary technical subject matter expert for security testing

Accountable for the overall testing infrastructure, testing execution, quality of work and deliverables

Proactively discovers vulnerabilities in Vodafone environments and ensure mitigation actions are implemented

Continuously develops security testing services and processes

Performs vulnerability research to identify new, previously unknown and unpublished vulnerabilities and research and do a POC on exploit codes

Creates detailed technical reports about Vulnerability testing and hand over findings to resolver teams; responds to technical queries related to the reports and findings

Tracks the work of the resolver team Follows up remediationactions with the local IT security managers

Collaborate with infrastructure and application owners on security hot-fixes

Support the cyber incident response team in specified vulnerability discovery and identification tasks during incident response and major security breach and incident management

Coordinate with stakeholders to develop requirements for service enhancements

Research about new zero day vulnerabilities, exploitation techniquesand ensure tests are targeted to identify the new vulnerabilities in Vodafone environment and ensure appropriate mitigation actions are initiated

Documents SOP, KEDB, processes and procedures

Integrate findings across infrastructure, to provide a holistic security posture for assets

Communication

Good communication skills inorder to drive the variousoperationally required communication processes within the VM Security Infrastructure

Core competencies,knowledge and experience

5 years relevant experience in VAPT
Must have industry recognized security certifications like OSCP
Experience with Information security concepts and design principles
Familiarity with Secure Development lifecycle
Experience in experience in Kali Linux and other penetrationtesting tools
Should have experience in Operating systems like Linux, Windows, web application, Virtualisation-VMWARE, network/ infrastructure security and assessments
Should have hands on experience in industry standard tools for port scanning, fuzz testing and vulnerability tests
Experience in WebApplication security testing (Black, White and grey box) and validation of the vulnerabilities
Knowledge on OWASP, Sandbox, Kali Linux, Burp suite, CVE, SSL PKI,2FA, IAM, Perimeter security, SIEM solutions
Understanding on digital certificates and PKI infrastructure
Good exposure in Database technologies (SQL, Oracle)
Good Experience in SAST, DAST (web application security),
Knowledge of Mobile applications security testing
Good knowledge on oneof the VA tools like Rapid7, Nexpose, Qualysguard, Tenable Nessus etc
Experience in reverse engineering is added advantage
Experience with scripting and programming skills (Python, Powershell, Java, Perl, Ruby etc)
Updated knowledge of the latest exploits and security trends , Dark Web , MITRE attack framework and kill chain model , APT

NA

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : IT-Hardware/Networking, Telecom
Functional Area : IT Software : Software Products & Services
Role : System Security
Salary : As per Industry Standards
Deadline : 17th May 2020

Key Skills:

Would you like to try out these free online tutorials?

People who search this job also searched for the following Keywords

Sourced**

Salary trends based on over 1 crore profiles

View Salaries

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status