Ethical Hacker/Network Penetration Tester - Web & Mobile Application Testing (4-10 yrs) Bangalore (Quality Assurance)
Infinity HR consulting Pvt. Ltd.
Bangalore, India
4d ago
source :

Job Description for the security profile :

  • Proven expertise & track record in Web and Mobile application Penetration testing (Web, Mobile, API / Webservices)
  • Proven expertise & track record in Network and system Penetration testing (Web, Mobile, API / Webservices)
  • Must Have : Experience in Tools for Firewall Evasion, Abuses to IPSec VPN, Border Gateway Protocol, GRE Tunneling.
  • Be able to lead an assessment or penetration test with 1-2 other resources
  • Be able to lead a red team engagement and participate in a purple team engagement.
  • Be an expert in penetration testing methodology
  • Have experience in developing exploits and tooling from vulnerabilities both pre and post exploitation.
  • Should have experience with tools Burp suite, Metasploit, Tenable, SQL Map, NMAP, SCAPY, and other tools.
  • Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them.
  • Knowledge of TCP / IP and other application and network level protocols.
  • Conduct vulnerability assessment and penetration testing and configuration review for systems and networks.
  • Be able to author and issue reports on assigned application and system scan.
  • Support Jr. resources in their authoring of reports and issues.
  • Support and recreate proofs of concept from security reports.
  • Support and be a member of the PSIRT organization.
  • Good exposure to Cloud Applications like AWS, Azure and other SAAS Applications
  • Experience in Automating Security tasks using Python or Java Frameworks is a bonus
  • Should be able to think ""Out of the box"". Possess ability to think and implement new attack approaches / vectors.
  • Should be able to support the development of tooling for CI / CD / CS processes enabling other teams to test their own systems and work output.
  • Should possess relevant university degree and / or professional qualifications / certification (e.g. CEH, OSCP)
  • Be able to maintain and contribute to the threat models
  • Support sessions to teach system and network exploitation and security testing methods to resources.
  • Excellent written and verbal communication skills.
  • Self-motivated, curious, knowledgeable pertaining to news and current events.
  • Apply
    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form