SENIOR ANALYST – SECURITY TESTING

title-pattern.png
peoples-01-nissqi4b9rs2eg9fs94fazyj0igaj587ql1p09ob8c.png

Job Description:

  • Position  – Senior Analyst – Security Testing
  • Location – Mumbai
  • 2+ years of Application and Network Security Testing Experience

Skills:

  • Expertise in web application penetration testing
  • Expertise in mobile application penetration testing
  • Expertise in network penetration testing
  • Expertise in wireless network penetration testing
  • Expertise in configuration audit or vulnerability assessment of multiple OS and Network Device platforms
  • Ability to handle difficult situations and to provide alternative solutions or workarounds
  • Flexible and creative in helping to find acceptable solutions for customers
  • Good communication and writing skills with the ability to talk to both business people and technical people

Preferred skill set:

  • Experience with Network Architecture Review and Firewall Rule-base Audit
  • Experience with Source Code Review will be a plus
  • Experience in Application Architecture Review will be a plus.
  • Experience with testing different types of networks including VOIP, GSM, etc.
  • Security certifications such as OSCP, CEH, etc.
  • Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.)
  • Ability to work on multiple complex assignments simultaneously
  • Ability to work independently with minimal oversight or in teams
  • Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.
  • Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.

Roles and Responsibilities:

  • The candidate is expected to execute complex and enterprise application and infrastructure security testing projects
  • The candidate is expected to complete the projects within budgeted efforts and deliver high quality reports
  • The candidate is expected to gain in-depth knowledge and understanding of enterprise networks, web & mobile applications developed in various languages (i.e. Java, ASP, .NET, C++, C#, etc.)
  • The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis
  • The candidate is expected to be proactive in project planning and execution
  • The candidate is expected to do likelihood determination, impact analysis and risk determination
  • The candidate is expected to showcase prioritization of risks including solution recommendation and documentation
  • The candidate is expected to identify and infer the business risk posed by the weaknesses identified during the assessments
  • The candidate is expected to engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure perspectives
  • The candidate should be open for onsite deployments anywhere across the world as business demands

To apply for this position, please e-mail your resume to careers@paladion.net with ‘Device Management – Delivery Head’ in the subject line