Posted Date :2024-03-08
We would prefer the immediate joiners
Job Description
Develop, implement and maintain IT Security & Compliance policies
Location: Banglore, Chennai, Hyderabad, Cochin, Mumbai, Delhi, Kolkata, Ahmedabad, Coimbatore
Responsibilities
Eligibility
Posted Date :2024-03-01
Applicants for this position should demonstrate leadership and sound business judgment in anticipating client/project needs and developing alternative solutions.
Responsibilities:
Skill Sets:
Key Responsibilities for Cyber Security Consultants:
Qualifications:
Posted Date :2024-03-01
Requirements:
Responsibilities:
Posted Date :2024-03-01
Responsibilities:
Required Skills:
Posted Date :2024-03-01
As an Offensive Security Engineer (Red Team Consultant), you will collaborate with a team to conduct various forms of security testing on our clients' Network Infrastructure and Web applications. Your role involves identifying security issues and proposing effective solutions. Additionally, you will engage with clients to recommend long-term security controls. Your responsibilities will encompass researching vulnerabilities within client networks and web applications, performing network penetration testing, conducting web application security assessments, and executing other highly technical engagements across diverse client industries. You will also be tasked with recommending and implementing enhancements to testing methodologies, producing comprehensive reports, and delivering presentations tailored for both technical and non-technical audiences, including executives and stakeholders.
Key Responsibilities:
Perform penetration tests on network infrastructure, systems, and applications to detect exploitable vulnerabilities and assess potential security risks.
Simulate real-world cyber-attack scenarios to evaluate the organization's defense capabilities and overall security posture.
Assess the functionality and effectiveness of Security Devices, including firewalls, IDS/IPS, antivirus software, EDR solutions, web content filtering systems, Email Gateway Security, Data Loss Prevention, etc.
Possess a solid understanding of network security, DDoS attack infrastructures, and ISP defense mechanisms.
Conduct physical and wireless security assessments across various client locations.
Utilize common testing frameworks, such as the MITRE ATT&CK framework, in project execution.
Plan and execute red team engagements/activities, defining scopes, objectives, and timelines.
Document and categorize findings discovered during assessments, and research novel tactics, techniques, and procedures for gaining unauthorized access to user data.
Incorporate Threat Intelligence research to monitor APT trends and assist partners in testing their environments against emerging threats.
Develop, extend, or modify exploits, shell code, or exploit tools.
Collaborate with Incident Response, Product Security, and other security partners to align remediation efforts for optimal company protection.
Requirements & Skills:
Minimum of 2+ years of experience in Offensive Security / Red Team or related positions.
Proficiency across various Operating Systems (*nix, MacOS, Windows).
Proficient with stateful network operations and adept at using network mapping tools like Nmap.
Knowledgeable in Active Directory and Windows Security.
Familiarity with common C2 Frameworks.
Experience with cloud-based environments (e.g., GCP, AWS, Azure).
Familiarity with container-based environments.
Actively engaged in contributing to the security or privacy community through avenues like public research, blogging, presentations, bug bounties, CVEs, etc. is advantageous.
Ability to articulate technical concepts to diverse audiences through written reports and verbal presentations.
Detailed understanding of global cyber threats, threat actors, and their tactics, specifically those targeting the e-commerce sector.
Agile-minded team player with effective planning, scheduling, and adaptability skills to meet deadlines.
Eagerness for self-improvement, openness to new ideas, and forward-thinking mindset.
Excellent communication skills in both written and spoken English.
Relevant certification(s) from Offensive Security, eLearnSecurity, or SANS Institute is beneficial.
Posted Date :2024-03-01
Job Responsibilities:
Develop and implement security policies, procedures, and standards to safeguard the organization's information systems and networks.
Conduct routine security audits, risk assessments, and vulnerability scans to proactively identify and address potential security vulnerabilities.
Monitor and analyze security systems, including firewalls, intrusion detection systems, and antivirus software, to promptly detect and respond to security incidents.
Investigate and resolve security incidents by conducting forensic analysis, gathering evidence, and collaborating with relevant stakeholders.
Work closely with the IT department to design and deploy secure network architectures, implement data encryption, and manage access control mechanisms.
Stay abreast of emerging security threats, industry trends, and best practices to enhance the organization's security posture continually.
Provide security awareness training to employees, educating them on security risks and best practices for technology usage.
Participate in incident response activities, including the development and maintenance of incident response plans, and ensure timely resolution of security incidents.
Conduct regular security assessments of third-party vendors and partners to ensure compliance with the organization's security requirements.
Collaborate with internal teams to perform penetration testing and vulnerability assessments, identifying and mitigating security vulnerabilities.
Required Skills:
Thorough understanding of information security principles, practices, and technologies.
Proficiency in conducting risk assessments and vulnerability scans.
Familiarity with security frameworks and standards such as ISO 27001, NIST, and PCI DSS.
Experience configuring and managing security systems like firewalls, intrusion detection systems, and antivirus software.
Knowledge of network protocols, routing, and switching.
Strong problem-solving and critical-thinking abilities to identify and resolve security incidents.
Excellent communication skills to effectively collaborate with cross-functional teams and communicate security risks to non-technical stakeholders.
Ability to work independently and manage multiple priorities in a fast-paced environment.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field.
Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable.
Proven experience in information security, including risk assessment, incident response, and security operations.
Knowledge of compliance requirements and regulations such as GDPR, HIPAA, or SOX.
Familiarity with security tools and technologies such as SIEM, IDS/IPS, and endpoint protection.
Understanding of encryption and cryptographic protocols.
Proficient in secure coding practices and web application security.
Ability to maintain confidentiality and handle sensitive information with integrity.