Penetration Tester
Viraj Innovative Technology
Penetration Tester
Viraj Innovative Technology
Alandi, Pune
₹30,000 - ₹40,000 monthly
Fixed
₹30000 - ₹40000
Earning Potential
₹40,000
Job Details
Interview Details
Job Highlights
77 applicants
Job Description
Job Description 1. Organisation Unit Purpose (why does the unit exist? What are the results the unit is expected to deliver?) The unit’s primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles/patterns/controls into all products and platforms. Conduct security assessments, gap analysis, provide remediation to the relevant squads / stakeholders. 2. Job Purpose (Why does the job exist? What is the unique contribution made by the job holder?) Primary/General Job Purpose: • Encourage ‘Shift Left’ Mindset - Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle • Implement via Influence - Influence stakeholders such as Product Owners, Solution Architects, Developers, Testers, Engineers & others to include security patterns into features, epics and stories in order to build secure, innovative & superior digital products for customers and employees • Assessments – Perform security assessment and perform gap analysis to provide appropriate remediations to the teams for implementing the fixes. Key Skills – Web and Mobile Application Security, Security Code review, API security, Platform security, IAST, SAST, DAST, • Tools and Technologies – Expertise Burp Suite, MobSF, Frida, Kali Linux, Nessus, Checkmarx SAST, Kubernetes, Docker, Jenkins, GitHub, OpenShift and good knowledge about microservice architecture and pipeline driven security. Experience with following Components: 3. Technical Requirements Application Security Assessment Skillset 1. Mobile App testing (Android & iOS) 2. Web Application Security 3. Security Code Review 4. Container Review 5. Infrastructure Review 6. WAF rules review Soft Skills: • Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective • Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement “good architecture principles” to lower technical debt • Assertive personality; should be able to hold her/his own in a project board or work group setting • Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner • Ability to work under pressure and meet tough/challenging deadlines • Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not • Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint • Has strong decision making, planning and time management skills. • Can work independently. • Has a positive and constructive attitude. 4. Person Specifications (required to carry out the job, not what the current or recommended incumbent possesses) Specifications Description of Knowledge / Skill etc. Desirable or Essential A. Education • General • Professional Bachelor’s degree in a computer-related field such as computer science, cyber/information security discipline, physics, mathematics or similar • General Information Security: CISSP, OSCP, CEH, CISM/CISA or similar Essential Desirable • General Cloud Security: CCSK /CCSP or similar • Specific Cloud Security: AWS/Azure/GCP/Oracle Solution/Security or similar • Network Security: CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist Must have minimum 4 years of experience in an information Essential B. Experiences security function with good background in information (Years & Type) technology, stakeholder management and people • Industry management • Regional • Functional Minimum 3 years of experience, as a Security Engineer Essential especially in Cloud Native environments Deep foundational knowledge of Mobile Applications, Intensive skills on SSL pinning bypass, root / jailbreak bypass, core Mobile application exploitation Skillset Essential Expert at the technology and frameworks in his/her area of expertise, and coach other architect on development standards and best practices. Desirable Good understanding of Microservice based architecture (Technical) Desirable Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection/detection & API /Micro services Security Desirable Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST/SAST tools and building Evil Stories (Technical) Essential C. Knowledge & Skills • Technical • Functional • Managerial The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise The Analyst / Engineer can understand and interpret potential issues found in source or compiled code Desirable Desirable The Analyst / Engineer has automation skills/capability in the form of scripting or similar Desirable The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures Desirable Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and/or during agile ceremonies, via Evil Stories Desirable The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance Desirable The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams. Desirable The Analyst / Engineer can interpret and understand Desirable vulnerability assessment reports and calculate inherent and/or residual risks based on the assessment of such reports Desirable Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team. Good negotiation skills will be desirable Must have good judgment skills to decide on an exception approval Desirable Desirable Ability to enforce improvements when necessary, using Influence rather than Policing measures Desirable Superior written and verbal communication skills to effectively communicate security threats and recommendations to technical or non-technical stakeholders Desirable Knowledge of application of Agile methodologies/principles such as Scrum or Kanban D. Behavioral Competencies • Thinking Related • People Related • Self Related - Influencer/Security Evangelist for the Team/Squad - Positive & Constructive Attitude - Autonomous worker / Decision Maker - Good listener - Patient & Calm during stressful situations - High energy individual / Motivator - Win-Win Attitude - Hacker/Defense-In-Depth mindset - Analytical thinking - Team Player/Interpersonal Skills - Eye for detail - Persistent & Persuasive - Organized / Structured - Deadline oriented - Competent and committed - People’s Person; understands stakeholder management - Empathetic - Passionate about architecting smart solutions - Innovator/Out of the box thinker - Collaborative Leadership style - Confident Presenter All Essential E. Personal Profile • Age • Nationality • Gender • Age – No bar • Nationality – No bar • Gender – No bar • Any Other
More about this Penetration Tester job
Viraj Innovative Technology is aggressively hiring for the job profile of Penetration Tester at Pune in Alandi locality. Kindly go through the FAQs below to get all answers related to the given job. 1. How much salary can I expect? Ans. You can expect a minimum salary of 30,000 INR and can go up to 40,000 INR. The salary offered will depend on your skills, experience and performance in the interview. 2. What is the eligibility criteria to apply for this job? Ans. The candidate should have completed Graduate degree and people who have 3 to 31 years are eligible to apply for this job. You can apply for more jobs in Pune to get hired quickly. 3. Is there any specific skill required for this job? Ans. The candidate should have Good (Intermediate / Advanced) English skills and sound communication skills for this job. 4. Who can apply for this job? Ans. Both Male and Female candidates can apply for this job. 5. Is it a work from home job? Ans. No, it’s not a work from home job and can’t be done online. You can explore and apply for other work from home jobs in Pune at apna. 6. Are there any charges or deposits required while applying for the role or while joining? Ans. No work-related deposit needs to be made during your employment with the company. 7. How can I apply for this job? Ans. Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview. 8. What is the last date to apply? Ans. The last date to apply for this job is 27-Jun-2022. For more details, download apna app and find Full Time jobs in Pune. Through apna, you can find jobs in 74 cities across India. Join NOW!
Job Requirements
Experience
Min. 3 Years
Education
Graduate
English Level
Good (Intermediate / Advanced) English
Job Role
Department
IT & Information Security
Employment Type
Full Time
Role / Category
IT Support
Shift
Day Shift
Interview & address details
Work Location
ear, Shree Ganesh Galaxy, Shop No 14, next to Tirupati Balaji Temple, Wadmukhwadi, Gokhale Mala, Pune, Maharashtra 412105 Alandi, Pune
Interview mode
In person
Interview address
ear, Shree Ganesh Galaxy, Shop No 14, next to Tirupati Balaji Temple, Wadmukhwadi, Gokhale Mala, Pune, Maharashtra 412105 Pune
Job posted by Viraj Innovative Technology
Trusted by top companies
Bajaj Allianz Life I...
64 Jobs
Zomato
60 Jobs
Sushco Unicorn
24 Jobs
Krishna Enterprise
13 Jobs
This job has expired