ValueMentor is looking for Security Analyst for performing VAPT.

Job Responsibilities

  • Perform the security assessment of web applications, network and servers
  • Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations
  • Create post-assessment reporting that describes findings and their risks, exploitation procedures, and remediations.
  • Generate reports and suggest remediation/mitigation plan as per the requirements
  • Maintain current knowledge of security vulnerabilities, tools, tactics, and trends.
  • Audit configuration of Network and Security devices
  • Write in-house tools, extenders, and automated scripts to enhance the security assessment
  • Perform security code review
  • Write in-house tools, extenders and automated scripts
  • Discuss the assessment result and issues with the customer during and after the assessment

Skills Required

Technical Skills:

  • 2 – 3 years of in conducting Network VA/PT and App VA/PT work
  • In-depth familiarity with Windows and/or Linux operating systems
  • Experience running exploits in a Production environment
  • Understanding of application technologies and its components
  • Knowledge of current adversary techniques, tactics, and procedures
  • Working knowledge of network technologies and infrastructures
  • Proficiency in one or more programming languages
  • Familiarity with wireless (802.11b) technologies
  • Open Source Intelligence gathering
  • Exploit Development / Vulnerability Research highly desired
  • Hands-on experience of security code review
  • Experience with vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Acunetix, Nessus, Burpsuite Pro)
  • Experience with code scanning toolsets such as Fortify and CheckMarx
  • Knowledge of OWASP tools and methodologies

Soft Skill

  • Ability to multi-task
  • Excellent client relationship skills
  • Excellent communication and report writing skills
  • Team player and carry out onsite projects
  • Excellent time management skills
  • Self-learner
  • Strong ethics and understanding of ethics in business and information security

Education Qualification

Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience.

Desired Certifications:

CEH, ECSA, GPEN, LPT, OSCP & CISSP are preferred

Please send your CVs to [email protected] with the subject line: “Resume: Security Analyst – VAPT”