Job ID : 9636371543
Posted on : 08/08/2018
Designation : Senior Information Security Consultant
Experience : 5 - 10 years
Location : Bangalore / Mumbai / Delhi
Salary : negotiable
Client Name : Our Client
Education : Bachelors / Masters
Skills : OWASP, SANS top 25, WASC security Standards, SQL injection, CSRF, XSS, .NET, PHP, Java, XML, SAML, SOA, SOAP, web services, DREAD, CVSS
Priority : High
Presently we are looking for Senior Information Security Consultant for one of our client based out in Bangalore, Mumbai and Delhi. Please find the detailed job description as below:
Job Title – Senior Information Security Consultant
Job Location – Bangalore/Mumbai/Delhi
Experience – 5 to 10 years
CTC – As per Industry Standard
• Strong knowledge of the OWASP, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Direct Object reference, Click jacking, buffer overflows, etc.
• Experience in manual application penetration testing of thick client applications, mobile applications, web services, API’s etc.
• Thorough understanding of common web technologies like .NET,rnPHP, Java, XML, SAML, SOA, SOAP, web services etc and protocols includingrnHTTP(S), DNS, FTP, SSH etc.
• Had performed manual mobile application penetration testing on platforms like Android, IOS etc.
• Should have knowledge on Risk Rating Standards like DREAD, CVSS etc.
• Good understanding of web application architecture and Secure development life cycle(SDLC).
• Experience in threat modelling and risk analysis.
• Experience in automated web application vulnerability scanners (e.g., AppScan, Web inspect, Accunetix, Burpsuite Pro, etc) is desirable.
• Should be ready to travel within and outside the country.
• Preparing audit reports and findings tracker sheets for each application in the provided template.
• Communicate with customer teams to explain and demonstrate vulnerabilities to application/system owners, and assist with the mitigation of the identified vulnerabilities.
• Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as the organization.
• 5+ years of proven experience in application security domain
• Proficient in written and oral English communication skills.
• Expertise in web application security testing.
• Expertise in mobile application security testing.
• Strong organizational, team-work, multi-tasking and time-management skills.
• Lead at least a team or two to three consultants.
• Manage a team during project execution as needed for the smooth execution of the project.
• Experience in banking domain will be added advantage.
• Experience in VA/PT of networks, servers, devices will be added advantage
• Experience in static and dynamic secure code review will be added advantage
Permanent staffing assignments refers to those Jobs when you as a company look to hire people on your payroll on a permanent basis...
Although Professional Services in Human Contracting is a fairly new concept in India, The PS market is fast maturing and catching up with the changing industry...
Recruitment Process Outsourcing (RPO) is a form of business process outsourcing (BPO) where an employer transfers all or part of its recruitment...