We have an urgent opening for Network Penetration Testing Engineer with our client, a reputed American MNC in Andheri East in Mumbai.
Location :Andheri East(Mumbai)
Experience:3+yrs
Job Details as below
Organisation : American process outsourcing company
Location : Mumbai (Andheri)
Position : Network Penetration Testing Engineer
Max CTC. - Upto 8 LPA CTC (depending on current salary and experience)
JD: Penetration Tester
Summary of Primary Job Responsibilities:
This position involves performing security vulnerability assessment and penetration testing. Penetration tests will involve a mixture of environments, including network devices, servers, systems, databases and applications that are web-based, server-based and virtual. The successful candidate will work effectively in both individual and team environments. The incumbent must be a self-starter, who is able to contribute to the overall success of the team as well as within other teams.
Education:
Bachelor’s degree in Information Technology, Computer Science, or related field. Experience may be evaluated in lieu of educational requirements on a case by case basis.
Experience Target:
3+ years' experience:
• Performing network, system and application vulnerability assessments and penetration testing.
• both open-source and commercial testing tools including: Kali Linux, Nessus, Metasploit, Nmap, BurpSuite Proxy, Wireshark, Kismet, etc. Additionally, must maintain awareness and knowledge of newly released open-source tools and exploits.
• Using various scripting languages such as Python, Perl, Powershell, Bash, etc.
• Analyzing identified vulnerabilities to write clear and concise assessment, penetration testing and compliance reports.
• Configuring, administering, and troubleshooting Operating Systems including Unix/Linux, Windows, iOS, Android and the various network devices.
Knowledge/Skills/Abilities:
Applies advanced knowledge of concepts, practices and procedures of IT Security, with awareness of related fields.
Applies analytical and interpretive thinking to complex problems; determines methods /procedures based on professional judgment to achieve desired outcomes. Specific skills include:
• Knowledge of TCP/IP protocols and networking architectures.
• Knowledge of databases, applications, and web server design and implementation.
• Knowledge of security and IT standards, such as PCI DSS v3.0 & NIST SP800.
• Knowledge of the National Vulnerability Database (NVDB) & the Common Vulnerabilities and Exposures List (CVE). CVE is a dictionary of publicly known information security vulnerabilities and exposures.
• Experience with mobile devices and mobile application security, including secure configuration and tools, techniques and procedures for security testing.
• Experience assessing and testing network devices, including firewalls, routers, VPNs and switches.
• Experience with programming and scripting in C++, Perl, Python, bash, Java and/or Assembly Language (x86).
• Experience with TCP/IP including but not limited to HTTP, HTTPS (SSL), DNS, SMTP, MSRPC, RDP and SSH.
• Experience with wireless network security, including secure configuration and tools, techniques and procedures for security testing.
• Experience with application security, including source code review.
• Experience with audit techniques to identify insecure configurations of Windows/Unix/Linux, web servers (Apache, IIS, etc.), databases (MySQL, MSSQL, Oracle, etc.) and web application scripts (PERL, Python, ASP, etc.).
• Experience with one or more social engineering test modes (physical, phishing or pre-texting).
• Excellent time management, written documentation and oral presentation skills.
Will consider relevant security certifications such as CEH, GIAC, CISSP, GPEN, CEPT, LPT, CPT, OSCP, etc.
Regards,
Aditi
Email id-maximagroupplacements@gmail.com
No comments:
Post a Comment