Penetration Analyst
Company Name: RAS Infotech Limited
Posted On07 Jan
2021
Experience2 - 7 year(s)
LocationBengaluru, Hyderabad
SalaryNot Disclosed
Job Description
Roles and Responsibilities:
- Performed Web application vulnerability assessment.
- Assessment comprises of both Web application testing, Network VA, Mobile VA.
- Mobile security vulnerability assessment.
- VAPT and generating Developers report through various security tools.
- Performing OWASP top 10, NIST, SANS top 25 attacks for testing applications.
- Suggesting proper solutions for mitigating the vulnerabilities and retesting the application post developers mitigation.
- Post vulnerability assessment the vulnerabilities were reported in a proper Security report writing.
- Security report writing comprised with What is the vulnerability, Description of vulnerability, Proof-of-concept(Screenshot), Mitigation, Good reads(reference sites) will be added in report.
- Hosted Security awareness training and security measures should be taken care by developers and other teams.
- Performed White box testing and Grey box testing methodologies in application security testing.
- Network Vulnerability Assessment and Penetration testing.
- Hands-On experience for Web application Commercial tools like Burpsuite, Acunetix and Open source tools like SQLmap, Vega, OWASP Zap, OpenVAS etc.
- Hands-On experience for Mobile application tools like Burpsuite, MobSF, ZAP, QARK, Drozer etc.
- Hands-On experience for Network tools like Wireshark, Nmap, Nessus, Fiddler, Nexpose etc.
- Tested many APIs using Postman tool.
Desired Candidate Profile:
- experience in Web application security testing (SAST, DAST), VAPT, mobile application security testing, Network Vulnerability assessment.
- Knowledge in Security standards like OWASP top 10, SANS 25.
- An enthusiastic ethical hacker with highly motivated and leadership skills having bachelors of engineering degree in Information technology and diploma in Cyber Security.
- Certified ethical hacker.
- Eager to learn new technologies and methodologies.
- Always willing to innovate new things which can improve the existing technology.
- Quick learner.
- Strong problem-solving ability.
- Proactive Cyber Security Engineer with hands on experience Web Application penetration testing.
- Adept at designing, customizing, upgrading, fault diagnosing, implementing and migrating system application.
About Company
Company Info:
Website: www.rasinfotech-dubai.com
Address: 7-1-638 to 643 Flat No 407, 4TH FLOOR, BHANU ENCLAVE, SUNDER NAGAR, ERRAGADDA, Hyderabad, Telangana, India
Apply Now »
Officer Information Security at XL Dynamics India Pvt Ltd
Company Name: XL Dynamics India Pvt. Ltd.
Posted On06 Jan
2021
Experience0 - 5 year(s)
LocationNavi Mumbai
Salary2,50,000 - 3,50,000 P.A.
Job Description
KEY RESPONSIBILITIES:
- Analyze and assess vulnerabilities in the infrastructure (software, hardware, networks).
- Investigate available tools and countermeasures to remedy the detected vulnerabilities and recommend solutions and best practices.
- Protect system by defining access privileges, control structures and resources.
- Determine security violations and inefficiencies by conducting periodic audits of networks/servers.
- Upgrade system by implementing and maintaining security controls.
- Create, test and implement network disaster recovery plans.
- Install, configure, monitor and respond to security system.
- Define the IT Security Policies/Frame Works and best practices.
- Test for compliance with security policies and procedures.
Job Shift:
Night
Education:
We hire based on individual talent, skill and work ethic. Formal degrees are not a material in our hiring decision.
Note:
- This opening is for Night Shift.
- Salary will not be a constraint for the right candidate and it may vary based on experience and skill set. We are known as one of the best pay masters in the industry.
- Candidates who have appeared for our selection process in the last 3 months are not eligible to apply.
About Company
XL Dynamics India Pvt. Ltd. was established in 2002 and incorporated in 2005, with its wholly owned office located in Navi Mumbai.We are a privately held corporation providing IT, audit and quality control outsourcing solutions to a defined clientele in the US mortgage industry.
Being a technology savvy organization, we have helped clients to develop integrated technology platform to bring the best of the mortgage solutions. Our experience in financial services and the mortgage banking industry, with a blend of technology and our focus on providing the highest quality financial services to our clients in US from our operation centers in India; enables us to provide the most efficient and cost effective services to our customer.
Company Info:
Address: 301-302, 3, BUILDING NO. 5 SECTOR -2, MBP, MAHAPE, THANE, Maharashtra, India
Apply Now »
Information Security Management System - Pacific BPO
Company Name: PACIFIC BPO PRIVATE LIMITED
Posted On06 Jan
2021
Experience1 - 6 year(s)
LocationNoida(Sector-63 Noida)
SalaryNot Disclosed
Job Description
Experience:
2-5 years
Salary:
Best in the industry
Roles and Responsibilities:
Information security policy,
- Classification policy
- Access control policy
- Acceptable use of assets
- Risk assessment and risk treatment methodology
- Statement of Applicability
- Risk treatment plan, etc.
- Be responsible for reviewing and updating main documents
Risk management:
- Perform risk assessment.
- Coordinate the whole process of risk assessment.
- Propose the selection of safeguards.
- Propose the deadlines for safeguards implementation.
Relationship with top management:
- Communicate the benefits of information security.
- Propose information security objectives.
- Report on the results of measuring.
- Propose security improvements and corrective actions.
- Propose budget and other required resources for protecting the information.
- Notify ISMS Manager about the main risks.
- Report about the implementation of safeguards.
- Advise ISMS Manager on all security matters.
Improvements:
- Ensure that all corrective actions are performed.
- Verify if the corrective actions have eliminated the cause of nonconformities.
Perks and Benefits
5 days working organization
Sat and Sun Fixed Off
Ready to work from the office
Only Male Candidates apply
About Company
PACIFIC is an IT services and solutions provider with offices in USA and India. We have state of the art delivery centres in India that leverage a cost-effective delivery mechanism and a wide talent pool catering to a client base consisting of Fortune listed companies. Pacific offers Healthcare service providers the full spectrum of Revenue Cycle Management solutions, Healthcare IT services, Medical Records Summaries , TPA Claims Management and Healthcare Analytics.
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute, print or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. Any views or opinions presented in this email are solely those of the author and do not necessarily represent the views of the company.
We have checked this message for any known viruses; however we decline any liability in case of any damage caused by a non-detected virus.
Company Info:
Email CV: [email protected]
Whatsapp / Call: 8266992287
Address: B-11, SEC 63, NOIDA, NOIDA, Uttar Pradesh, India
Apply Now »
Information Security Analyst
Company Name: Birlasoft
Posted On05 Jan
2021
Experience3 - 8 year(s)
LocationChennai
SalaryNot Disclosed
Job Description
Essential Job Functions:
- Monitor Security Events from IDS, SIEM, etc.
- Log tickets to the Ticketing System.
- Handle calls from the MSSP(Managed security service provider, WBG users regarding incidents/events, perform triage, resolve problems, or escalate to team members.
- Perform triage on alerts from all sources including Monitored Email Distribution Lists.
- Participate in rotating weekly shift supporting off hours and weekend activity (24x7).
- Produce ad hoc reports and other ad hoc tasks.
Educational Qualifications and Experience:
- Education: Bachelors degree in Computer Science or Information Systems.
- Role Specific Experience: 2+ years of relevant experience in Information Security Incident Handling.
- Experience with Firewalls and information security technologies
Experience with CERT/CSIRT/CIRT/SOC.
Certification Requirements:
Required Skills/Abilities:
- Monitoring skills related to IDS and SIEM.
- Understanding of TCP/IP, Ethernet, OSI model, layer 2 and layer 3 concepts.
- Understanding of Windows Registry, File system, etc.
- Hands-on knowledge of Network Packet Analysis using tools.
- Ability to work with team members with varying levels of technical skills and diverse international backgrounds.
- Strong understanding of Networking and Operating systems concepts.
- Ability to adapt to and function in a project environment with multiple timetables and changing priorities.
- Ability to learn new concepts and approaches in Analyzing Security Incidents.
- Good communication skills (Verbal and Written).
Desired Skills/Abilities (not required but a plus):
- Pluses for Levels: (level II) 5-8 Yrs
- Level II
- Essential Job Functions: Carry out detailed Incident Response activities, including containment, remediation, and root cause analysis
- Malware Analysis
- Cyber Forensics (Memory, Disk)
- Scripting Languages e.g. Python
- Preferred Certifications: GIAC
About Company
Birlasoft is the global technology services division of the CK Birla Group, one of India's premier commercial and industrial houses, with strategic equity participation by GE Capital. Birlasoft offers IT services worldwide from development centers in India and Australia. Birlasoft has 5000+ technical employees and a large number of clients among Fortune 1000 companies. The company provides application development and support services in eCommerce, Data Warehousing, Legacy Systems, QA, CRM, RIMS (Remote Infrastructure Management Service) and ERP. Birlasoft's key strengths as an offshore outsourcing partner lie in its mature and robust global delivery model that embraces Digitized Project Management Methodologies, embedded within proven practices of Six Sigma, SEI CMMI Level 5 on Continuous Representation and a secure services framework with BS7799. Earning the trust of its customers and being honored with their repeat business, is what we strive for each day. Birlasoft is uniquely positioned to create value and provide a competitive advantage to our customers.
Apply Now »
Senior Forensics Analyst
Company Name: Arete Incident Response
Posted On04 Jan
2021
Experience5 - 8 year(s)
LocationHyderabad
SalaryNot Disclosed
Job Description
Arete Incident Response, a leading incident response and cyber security provider, partners with clients to reduce the burden of preparing for, detecting, and responding to cyber-incidents. At Arete you will work alongside and learn from some of the top minds in the cyber industry. With a culture that cultivates growth, excellence, and a commitment to our community, Arete works to create an environment where team members thrive. Arete is made up of an elite team of superheroes that strive to make a positive impact on the world every day. We are always seeking top talent to join our tribe and if you think you have what it takes please apply!
Summary:
Arete Incident Response seeks a Senior Forensics Analyst with strong technical skills and an eagerness to lead projects and work with our clients. Candidates will need to apply their Incident Response, forensics, log analysis, and malware triage skills to solve complex intrusion cases at organizations around the world. Our consultants must be comfortable working in teams to tackle challenging projects, communicating with clients, and creating and presenting high-quality deliverables.
Roles & Responsibilities:
- Investigate breaches leveraging forensics tools including Encase, FTK, X-Ways, SIFT, Splunk, and custom investigation tools to determine source of compromises and malicious activity that occurred in client environments. The candidate should be able to perform forensic analysis on:
- Host-based such as Windows, Linux and Mac OS X.
- Firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity.
- Cloud-based platforms such as Office 365, Google, Azure, AWSetc.
- Perform analysis on identified malicious artifacts.
- Contribute to the curation of threat intelligence related to breach investigations.
- Excellent verbal and written communication and experience presenting technical findings to a wide audience of varying technical expertise.
- Be responsible for integrity in analysis, quality in client deliverables, as well as gathering caseload intelligence.
- Responsible for developing the forensic report for breach investigations related to ransomware, data theft, and other misconduct investigations.
- Must also be able to manage multiple projects on a daily basis.
- Manage junior analysts and/or external consultants providing investigative support.
- Act as the most senior forensic analyst, assisting staff, provide review of all forensic work product to ensure consistency and accuracy, and support based on workload or complexity of matters.
- Ability to analyze workflow, processes, tools, and procedures to create further efficiency in forensic investigations.
- Ability to work greater than 40 hours per week as needed.
Skills and Experience Requirements:
- Must have at least 5-8 years of incident response or digital forensics experience with a passion for cyber security (consulting experience preferred). 10+ years preferred.
- Proficient with host-based forensics, network forensics, malware analysis and data breach response.
- Experienced with EnCase, Axiom, X-Ways, FTK, SIFT, ELK, Redline, Volatility, and open source forensic tools.
- Experience with a common scripting or programming language, including Perl, Python, Bash, or PowerShell.
Preferred Qualifications:
- Experience in a security professional services consulting firm.
- One or more Digital Forensic and Incident Response Certifications such as GCFE, GCFA, GNFA, GCTI, GREM, CHFI, CCE, CFC, EnCE, and CFCE.
- BA/BS or MS degree in an IT or Cyberrelated field.
When you join Arete
Youll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but were about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
Were proud to be an equal opportunity employer- and celebrate our employees differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
About Company
Arete Incident Response, a leading incident response and cyber security provider, partners with clients to reduce the burden of preparing for, detecting, and responding to cyber-incidents. At Arete you will work alongside and learn from some of the top minds in the cyber industry. With a culture that cultivates growth, excellence, and a commitment to our community, Arete works to create an environment where team members thrive. Arete is made up of an elite team of superheroes that strive to make a positive impact on the world every day. We are always seeking top talent to join our tribe and if you think you have what it takes please apply!
Company Info:
Website: https://areteir.com/
Address: Plot No. 49, Unit 200 of Maple Celestia, Jayabheri Enclave, Gachibowli, null, Hyderabad, Telangana, India
Apply Now »
Penetration Test Engineer
Company Name: Civica Resource Private Limited
Posted On01 Jan
2021
Experience1 - 3 year(s)
LocationVadodara
SalaryNot Disclosed
Job Description
Job Title:
Penetration Test Engineer
Location:
Vadodara
Overview:
Civica (www.civica.com) provide a wide range of business-critical software, digital solutions and technology-based outsourcing services which makes Civica a leading partner for customers across national, regional and local government, health & care, education and public safety, together with commercial organisations in highly regulated sectors.
Role Purpose:
CIVICA Vadodara is seeking a Penetration Tester to join a newly formed security testing team providing a range of penetration testing services, including application and infrastructure penetration tests.
You will proactively identify weaknesses and vulnerabilities in the security posture, simulate threats and recommend controls and procedures. You will be a key contributor to the organisation, performing ethical hacks of Civicas applications and systems.
In general, travel to the UK could be one visit every 2 years. This can be at short notice and this frequency is not guaranteed as all travel is based on a clear business or project requirement. A passport is essential.
Principal Responsibilities & Tasks:
Key Responsibilities and Duties
- Carry out application, network, systems and infrastructure penetration tests.
- Evaluate and select from a range of penetration testing tools.
- Keep up to date with latest testing and ethical hacking methods.
- Perform web application scan using acunetix and burpsuite.
- Perform Web application and mobile application security testing.
- Report on findings to a range of stakeholders using a risk based methodology.
- Make suggestions for security improvements.
- Comply with corporate processes including Civicas ISO 27001 management systems.
- Support development teams with the implementation and running of penetration tests as per the Civica Secure SDLC .
Education
First class and above grade in BE/BTECH/MCA equivalent degree from a university of UGC accreted.
Reporting Relationships
- Provide accurate timely reporting information on progress, risks and issues.
- Build collaborative relationships within the CIVICA Group both internally and externally to the testing team and with partners.
- Ensure that effective communication is maintained with team members on the same or related projects / product teams to build common goals and avoid misunderstandings.
Essential Competencies
- Good in oral and written communication skills and able to take part in meetings and discussions.
- Proactive personality and able to work autonomously.
- Good team player.
- The ability to work to agreed deadlines.
- Should be a detailed oriented.
- Ability to work at detailed and abstract levels.
- Self-learner.
- Track record of delivering commitments on time and quality.
- OSCP certifications.
Skills
Mandatory Skills:
- OWASP
- Web application security Testing
- SANS 25
- OSCP
Highly Desirable:
- Network Security Testing.
- Penetration Testing.
- Vulnerability Assessment.
- Mobile Application Security Testing.
Desirable:
About Company
Civica (www.civica.com), an UK based IT Co., provides a wide range of business-critical software, digital solutions and technology-based outsourcing services which makes Civica a leading partner for customers across national, regional and local government, health & care, education and public safety, together with commercial organizations in highly regulated sectors.
Civica are recognized as Gold (standard) €˜Investors in People€™.
Top 25 - Glassdoor 2019 Employees' Choice Best Place to Work.
Civica is a Diversity Leader, ranked as one of the top European companies for workplace diversity & equality - Financial Times 2020.
At Civica we recruit, promote and reward our people based on their contribution, regardless of gender, race, disability, religion/belief, nationality, ethnicity, sexual orientation, age or marital status. We are committed to building and maintaining an inclusive and supportive culture where diversity thrives, and all of our people excel. We believe that diversity stimulates innovation, enables us to deliver better outcomes for people and communities, supports the growth of our people, and delivers great results for our customers.
Company Info:
Email: [email protected]
Website: https://www.civica.com
Address: 101-ABC, 1ST FLOOR, NOTUS PRIDE, BHAILAL AMIN MARG, Sa, rabhai Campus, VADODARA, Gujarat, India
Apply Now »
VAPT Analyst, Vulnerability Assessment Penetration Testing
Company Name: Shieldbyte Infosec Pvt. Ltd.
Posted On29 Dec
2020
Experience1 - 5 year(s)
LocationNavi Mumbai, Mumbai, Thane
SalaryNot Disclosed
Job Description
Roles and Responsibilities:
- Web Application VAPT.
- Website VAPT.
- Network VAPT.
- API VAPT.
- Android & IOS Mobile App VAPT.
Desired Candidate Profile:
- Hands on experience with Vulnerability Assessment and Penetration testing of thick & thin client based applications, Operating systems, edge devices and firewalls.
- Perform periodically system and application VAPT (Vulnerability Assessment and Penetration Testing), Mobile APP VAPT and Network VAPT using automated and manual approach.
- Perform asset and network discovery activities, helping to ensure full coverage of the vulnerability discovery. Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets.
- Research, recommend, evaluate and implement information security solutions that identify and/ or protect against potential threats, and respond to security violations, misuse of resources or noncompliance situations using defined escalation processes.
- Strong Experience of using open- source tools and commercials tools such as but not limited to Burp Suite, Metasploit, Nessus, Acunetix and open source with operating systems Windows and Linux.
- Expertise and experience of conducting VAPT (Vulnerability Assessment and Penetration Testing) as per standards such as OWASP Top 10, SANS Top 25 and WASC, NIST.
- Perform research on new vulnerabilities, attack vectors, exploits, tools and industry trends for the above- mentioned services.
- CEH Certification Mandatory.
- Candidates with CISM, OSCP are preferred.
About Company
ShieldByte Infosec Pvt Ltd is information security and process consulting firm. We are engaged in ensuring security of information through a variety of security services thus helping detect and prevent theft of information by both, outsiders and insiders. Our focus is on providing solutions that enable confident oversight and validation of audit readiness for internal policies, industry or government regulations; and the safe keeping of your confidential information, trade secrets, intellectual property, critical infrastructure, and other digitally-managed assets.
Company Info:
Website: https://www.shieldbyteinfosec.com/
Address: 505, 5th Floor, Shristi Square, LBS Marg, Bhandup West, Mumbai
Apply Now »
Sr. Cybersecurity Analyst - VAPT
Company Name: Network Intelligence India Pvt. Ltd.
Posted On29 Dec
2020
Experience2 - 4 year(s)
LocationMumbai
SalaryNot Disclosed
Job Description
We are hiring for Sr. Cybersecurity Analyst for our organization in Mumbai. Experience: 2+ years.
Roles and Responsibilities:
- Conduct vulnerability assessment and penetration testing for network, web applications, mobile applications and thick-client application.
- Conduct configuration reviews for OS, DB, Firewall, Routers, Switches and other infrastructure components.
- Conduct red-team assessments using social engineering, physical security compromise and other techniques.
- Be well-versed with internal privilege escalation techniques.
- Conduct source-code review using automated and manual approaches.
- Prepare detailed reports as per NII format.
- Ensure timely delivery of status updates and final reports to clients.
- Handle client queries.
- Keep oneself updated on the latest IT Security news, exploits, hacks.
- Contribute technical content chapter meetings, blogposts.
- Conduct internal and external trainings on various topics related to security assessment.
About Company
We are a global cybersecurity provider founded in 2001 with more than 700 team members working out of our New York, Singapore, Dubai and Mumbai offices.
Company Info:
Address: 204, 2ND FLOOR, ECOSPACE IT PARK, OLD NAGARDAS ROAD, ANDHERI EAST, MUMBAI, Maharashtra, India
Apply Now »
Cyber Security Consultant
Company Name: InfoBeans Technologies Limited
Posted On09 Dec
2020
Experience4 - 9 year(s)
LocationChennai
SalaryNot Disclosed
Job Description
Key Skills:
- Cybersecurity
- Fortify
- Penetration Testing
What will your role look like:
- Scan target networks and systems with Fortify, open-source vulnerability scanners.
- Design a plan of attack that can include exploiting software vulnerabilities, systemic vulnerabilities, social manipulation, or any combination of those factors.
- Perform the research on cyber security criteria, security systems, and validation procedures.
- Plan and design healthy security architectures for any IT project.
Why you will love this role:
- Besides a competitive package, an open workspace full of smart and pragmatic team members, with ever-growing opportunities for professional and personal growth.
- Be a part of a learning culture where teamwork and collaboration are encouraged, diversity is valued and excellence, compassion, openness and ownership is rewarded.
We would like you to bring along:
- Knowledge of Ethical Hacking methodologies, Cyber Forensics, Incident Handling and Penetration Testing.
- Exposure to find vulnerabilities.
- Awareness of penetration testing.
- Strong communication skills.
- Strong problem solving and analytical capabilities.
About Company
InfoBeans Technologies Limited
Apply Now »