Job Purpose :

- Discover and Mitigate Cyber Risks and exploitable vulnerabilities on the internet facing apps/assets.

- Conduct Regular Vulnerability Assessment and Penetration Testing of the applications

- Experience with latest technologies and security standards such as OWASP, CVSS, Mitre etc.

- Mobile App Reversing and pen testing as Android and iOS applications security standards

- Familiarity with malicious code identification and common hacker attack techniques

- Conduct regular Secure Code and Architecture Review, SAST and DAST

- Latest technology security API, Microservices, RPA, IOT etc.

- Ethical Hacking and Red Teaming Activity

- Assess Third Party Partner vulnerabilities and security risk

- Remediations, Closures Tracking, Reporting and Management of all Cyber Risks

- Engage with technology Teams and partners and business units to resolve identified vulnerabilities within acceptable timelines

- Design and deliver actionable Information Security dashboards and scorecards

- Work with partners in carrying out comprehensive VAPT assessment

- Advanced understanding with working experience collecting and tracking threat intelligence

- Experience working with tracking, communicating, and prioritizing vulnerabilities and cyber threats to an enterprise-wide organization

Duties and Responsibilities :

Minimum required Accountabilities for this role :

- Engineering / Computer Graduate with 5-9 years of Information / Cyber Security Experience

Additional Accountabilities pertaining to the role :

- Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, EMAPT etc.

- preferred (Good to Have) :

Key Decisions / Dimensions :

- Activity calendar planning

- Security Audits preparedness

- Preparation of testcases for infosec sign-offs

Major Challenges :

- Timely vulnerability closure

- Change management infosec sign off with in defined TAT

Required Qualifications and Experience :

Qualifications :

- Post-Graduates with relevant security experience of 4-6 years (also graduates with experience of 6-8 years may apply)

Work Experience :

- Engineering / Computer Graduate with 5-9 years of Information / Cyber Security Experience

- Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, EMAPT etc.

Preferred (Good to Have) :

- Prior experience of Security Testing, OWASP Top 10 and application security

- Prior experience of Payment Testing, Mobile Applications and API Security testing

- Sound in latest application technologies and network attacks execution

- Good Written and Verbal Communication with Presentation Skills

- Good Team Player and sound in stakeholder management

- Threat Modelling, Cloud Security and WAF basics clarity

- DevOps / DevSecOps and Source Code security review experience is added boon

- Well versed with related tools and techniques of all the above