SENIOR ANALYST & TEAM LEAD –
SECURITY TESTING

title-pattern.png
peoples-01-nissqi4b9rs2eg9fs94fazyj0igaj587ql1p09ob8c.png

Job Description:

The Senior Analyst & Team Lead Security Testing profile is a pivotal role of the Security Testing Services Team. It includes managing and executing complex security testing projects, leading a team of security analysts and ensuring high level of quality in service delivery. It involves enhancing the team’s skill sets and providing high quality deliverables while improving the efficiency of the testing.

Required skill set : 2+ years of Application and Network Security Testing Experience

  • Expertise in web application security testing
  • Expertise in mobile application security testing
  • Expertise in network infrastructure security testing
  • Expertise in wireless infrastructure security testing
  • Expertise in configuration audit of multiple platforms
  • Ability to handle difficult situations and to provide alternate solutions or workarounds
  • Experience in training and mentoring other team members
  • Good verbal and written communication skills with the ability to talk to both business teams and technical teams

Preferred skill set:

  • Experience with Network Architecture Review and Firewall Rule-base Audit
  • Experience with Source Code Review will be a plus
  • Experience in Application Architecture Review will be a plus
  • Security certifications such as OSCP, CEH, etc.
  • Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.)
  • Flexible and creative in helping to find acceptable solutions for customers
  • Ability to work on multiple complex assignments simultaneously
  • Ability to work independently with minimal oversight or in teams
  • Experience with leading and guiding a team of security analysts
  • Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications
  • Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.

Job Responsibilities:

  • The candidate is expected to execute complex and enterprise application, and infrastructure security testing projects
  • The candidate is expected to ensure completion of project on time, co-ordination for pre-requisites, tracking delays, etc.
  • The candidate is  expected to gain an in-depth knowledge and understanding of enterprise networks, web and mobile application developed in various languages (i.e. Java, ASP, .NET, C++, C#, etc.)
  • The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis
  • The candidate is expected to do likelihood determination, impact analysis and risk determination
  • The candidate is expected to showcase prioritization of risks including solution recommendation and documentation
  • The candidate is expected to identify and infer the business risk posed by the weaknesses identified during the assessments
  • The candidate would have to manage multiple complex projects simultaneously, when required
  • The candidate is expected to engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure and post-project support perspectives
  • The candidate is expected to mentor and train junior resources with focus on enhancing their skill sets
  • The candidate is expected to monitor their team members’ adherence to established security testing processes and organization’s policies and procedures
  • The candidate is expected to conduct project reviews to ensure that a thorough testing is conducted by the team
  • The candidate is expected to perform technical reviews to identify errors and suggest changes to ensure highest quality of the deliverables
  • The candidate is expected to execute complex test cases and develop proof of concept for showcasing the vulnerabilities to the client
  • The candidate is expected to track errors made by the analysts and develop an improved plan for them
  • The candidate should be open for on-site deployments anywhere across the world as business demands

To apply for this position, please e-mail your resume to careers@paladion.net with ‘Senior Analyst & Team Lead – Security Testing’ in the subject line