Skilled Penetration Testers ( 3 Yrs - 10 Yrs) - CyberSecurity
InfoMagnum Network
We are hiring For Skilled Penetration Testers ( 3 Yrs - 10 Yrs) - CyberSecurity
If selected you will be one among the Security Task Force team dealing with niche products in the area of IoT (Internet of Things)
The successful candidate should be able to demonstrate an innovative and enthusiastic approach to technology and problem solving, will display good interpersonal skills and show confidence and ability to interact professionally with people at all levels.
Key Accountabilities
Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling.
Liaison with Developers, Architects, Project Managers to understand the working of an application, how effectively they are implemented and where security mechanisms are employed.
Understand the business requirements, evaluate potential products / solutions and provide technical recommendations.
Be "hands on" with technology and to contribute to the design, development and support of projects with the Security recommendations.
Review design and development artefacts to ensure security quality in the products being developed.
Protect company's information assets by promoting the understanding and acceptance of Information Security Policy and Standards.
Contribute to Enterprise Architecture in definition of the technology stack and various standards and guidelines for development teams.
Skills and Experience
3+ years of providing application security services with exposure to application lifecycle security (Web, Mobile, Cloud, API).
Strong understanding of IoT Architecture (Components, DataFlow, Protocols, Interfaces, etc)
Strong understanding of attack vectors from OWASP, WASC and mitigation of the same.
Strong understanding of general security concepts and principles and application specific security concepts and principles.
Strong understanding of Software Development Life Cycle (SDLC) with a focus on security.
Strong understanding of protocols (HTTP, HTTPS, SSL, TLS, DHCP, DNS, MQTT, AMQP, CoAP)
Strong understanding of Threat Modeling, assessment of impact and likelihood of threat scenarios
Strong understanding of applications design and architecture.
Strong understanding of Encryption (both Symmetric and Asymmetric), hash algorithm its principles and proper applicability.
Strong understanding of Public Key Infrastructure, SSL/TLS Protocols and digital signature principles.
Strong understanding in common web technologies, including browsers, HTML, XML, HTML5, Ajax, JSON, WebServices, JavaScript and WebServers, database.
Good to have handson experience with WiFi, BLE, RF, Telecom interface Security Testing.
Capable of understanding end user requirements from security perspective.
Good to have scripting knowledge (Python / Perl / Ruby / Shell)
Understanding of emerging technologies and corresponding security threats.
Sound business and technical acumen.
Problem-solving and critical-thinking skills.
Focused and versatile team player.
Self-motivated, flexible.
Professional Qualification : EC-Council, SANS, Offensive Security Certifications will be an added advantage.
Preference for Immediate Joiners ...
Revert with your Latest CV to ar...@infomagnum.com and cc: em...@infomagnum.com
Thanks
Arun
"Security is our First Priority"