Roles and responsibilitiesJob Title: Information Security Engineer
Contribute to the analysis, design & development of features as a strong individual contributor.
Perform external and internal network infrastructure vulnerability assessments and penetration testing
Perform Web application and mobile applications vulnerability assessment and penetration testing
Perform secure code reviews and software development lifecycle (SDLC) security review
Perform secure configuration reviews
Perform wireless penetration tests and social engineering assessments
Maintain quality during product delivery
Lead project teams to deliver various information security assessments
6-8 years experience in Web-Application/Infrastructure Pentest.
Should be having Basic understanding on ISO 27001:2013 LA/LI compliance.
Should be having Ethical hacking and Security Certifications such as CEH, ECSA, CHFI, OSCP, Security+ (at least one).
Should be an active participant of bug bounty and CTF challenges.
Excellent communication and interpersonal skills.
Excellent verbal and written communication skills.
Ability to self-direct work activities and work with distributed teams.
Ability to collaborate with team members to rapidly design workable solutions.
Ability to present risk profiles and security recommendations to CXO Level.
Experience securing VoIP / Telecom protocols and call flows (SIP, RTP, SDP)
Experience in vulnerability assessments (network, hosts, application, databases, and mobile applications) and penetration testing
Experience with automated and manual Web application vulnerability assessments and secure code review.
Experience with various security assessment tools such as Nessus, Nmap, Kali Linux, Metasploit, Faraday, Burpsuite, Checkmarx, ZAP, WebInspect, AppScan Source, Veracode, ADB, APK tool, etc.
Be familiar with industry-leading standards such as NIST, CIS benchmarks, SANS and OWASP/ OSTMM/WASC/PCI-DSS.
Be familiar with browser, Web service, cloud security, mobile applications security, and operating system security concepts
Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk
Ability to suggest/recommend remediation to stakeholders, including executives, risk and security team members, and development team
Experience securing open source software in public cloud environments.
Experience on Scripting (at least 1 language).
Basic Knowledge on Firewall
Bachelors or Masters Degree in Engineering from a reputed engineering college.
Jp Nagar, Bangalore, India
Salary: Not Disclosed by Recruiter
Industry:IT-Software / Software Services
Functional Area:IT Software - Application Programming, Maintenance
Role Category:Programming & Design
Desired Candidate Profile
Apogee Services Private Limited
Recruiter Name:Meenu Srivastav
Contact Company:Apogee Services Private Limited