Risk _ Cyber Security TEM_Staff 3_TVM
Ernst & Young Global Limited
Thiruvananthapuram, Kerala, Indiar
5d ago

Experience Staff (CTM Threat Exposure Management)


  • Perform penetration testing which includes internet, intranet, web application, wireless, social engineering, physical penetration testing.
  • Execute red team assessments to highlight gaps impacting organizations security postures.
  • Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
  • Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
  • Execute penetration testing projects using the established methodology, tools and rules of engagements.
  • Convey complex technical security concepts to technical and non-technical audiences including executives.
  • Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams
  • Ability to automate DAST / SAST solutions and reporting
  • Support SDLC and agile environments with application security testing and source code reviews
  • To qualify, candidates must have :

  • A minimum of 1 year of work experience in penetration testing which may include at least three of the following : internet, intranet, web application penetration tests, wireless, social engineering, physical and Red Team assessments.
  • One of the following certifications : OSCP, OSWP, GPEN, GWAPT.
  • Knowledge of Windows, Linux, UNIX, any other major operating systems.
  • Understanding and experience with Active Directory attacks.
  • Understanding of TCP / IP network protocols.
  • Understanding of network security and popular attacks vectors.
  • Understanding of web-based application vulnerabilities (OWASP Top 10).
  • Experience with scripting / programming skills (e.g., Python or PowerShell or Java or Perl etc.).
  • Updated and familiarized with the latest exploits and security trends.
  • Experience to conduct remote and on-site penetration testing within defined rules of engagement.
  • Familiarity to perform network penetration testing in stealth manner.
  • Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan)
  • Familiarity with static code analysis tools and services (CheckMarx, Fortify Static Code Analysis tool, Veracode, Coverity, IBM AppScan Source)
  • Familiarity with Secure DevOps Integration
  • Apply
    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form