Consultant - Vulnerability Assessments Job
Hyderabad, IN
Applications have closed
Yash Technologies
YASH specialists provide information, establish contacts and build bridges between the local decision-makers in German companies and the YASH teams.YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.
At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.
We are looking forward to hire Vulnerability Assessments Professionals in the following areas :
Position Name: Associate Consultant - VAT/ PT
Job Description
This position is responsible for all tasks related to vulnerability assessment and penetration testing in a complex environment and demands one to stay current with emerging technologies and vulnerabilities. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving.
In addition, this position is responsible for analyzing security vulnerabilities and determining if there is an attack surface and impact. The ideal candidate understands the full cycle of a penetration testing, software vulnerability, from exploitation to mitigation and must be experienced with cybersecurity reviews, vulnerability management, vulnerability assessment and security awareness.
Number: 01
Location: Across India
Total Experience: 5 to 6 years (relevant)
Preferred Qualifications
- The team members shall prepare the assessment plans, test cases, and test scenarios to perform the penetration testing. Experience in web application, infrastructure and network Vulnerability Assessment & Penetration Testing.
- Experience in Vulnerability Assessment and Penetration testing using industry standard tools such as Vulnerability Scanners for e.g.: Qualys, Nessus, Nexpose, Acunetix, Metasploit, Burp Suite Pro, Netsparker etc.
- Experience in using security frameworks such as Metasploit, Kali Linux, OSSTM etc.
- Experience and knowledge of Penetration testing of servers, and any assets (OS, infra & network).
- Experience and knowledge of Web Application Security standards such as OWASP/SANS etc.
- The Security Test Engineer should have the ability to stay organized and possess excellent communication skills.
- Experienced in preparing and presenting detailed penetration testing report.
- The security test engineer will be part of the audit team that shall conduct security audits for the clients to identify the gaps in terms of web security.
Skills
- Conducting vulnerability scans and recognizing vulnerabilities in security systems assessing the robustness of security systems and designs
- Network analysis tools to identify vulnerabilities.
- Maintain awareness of vulnerability information, complexity to exploit, and exploit availability or feasibility to create an exploit.
- Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a level acceptable.
- Creation of vulnerability metric and remediation-related dashboards and reports.
- Understands and advises on enterprise policies and technical standards with specific regard to vulnerability assessment and penetration testing.
- Liaise with stakeholders to understand, prioritize, and coordinate vulnerability remediation activities.
- Maintain awareness of publicly disclosed vulnerabilities (CVEs) and potential vulnerabilities (rumors, blogs, partial public analysis).
- Ability to fully understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs.
- Engage cross-divisional teams and oversee the implementation of security recommendations by leveraging appropriate communication methods, tracking remediation of identified risks, mitigation strategies, plan activities and dependencies.
Working Knowledge
- Cybersecurity principles
- Security source code review vulnerabilities
- Cyber threats and vulnerabilities
- System and application security threats and vulnerabilities
- General attack stages (e.g.: foot printing and scanning, enumeration, gaining access)
- Escalation or privileges, maintaining access, network exploitation, covering tracks)
- Ethical hacking principles and techniques; penetration testing principles, tools, and techniques.
- Use of penetration testing tools and techniques and social engineering techniques
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Must be adaptable to changes in the work environment, comfortable with multiple competing demands and able to deal with frequent change, delays or unexpected events in a calm and logical manner.
Minimum qualifications
- Bachelor's degree or equivalent practical experience.
- 8 years of relevant work experience within areas of penetration testing
- Previous experience with systems administration and/or programming.
- Mandatory certifications - Offensive Security Certified Professional (OSCP)
At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.
Our Hyperlearning workplace is grounded upon four principles
- Flexible work arrangements, Free spirit, and emotional positivity
- Agile self-determination, trust, transparency, and open collaboration
- All Support needed for the realization of business goals,
- Stable employment with a great atmosphere and ethical corporate culture
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Audits Burp Suite Ethical hacking Exploit Kali Linux Metasploit Nessus Offensive security OSCP OWASP Pentesting Qualys SANS Vulnerabilities Vulnerability management Vulnerability scans
Perks/benefits: Flex hours Team events Transparency
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.