Security Analyst
ValueMentor
- Thrissur, Kerala
- Permanent
- Full-time
- Conducting Web applications vulnerability assessment and penetration testing (Black box, Gray box and White box security testing)
- Performing baseline/configuration review of servers.
- Conducting External and Internal Network vulnerability assessment and penetration testing.
- Manual and automated security testing of applications
- Security testing on production environment or test environment
- Conducting Source code review of web and mobile applications
- Familiarity with XML, SOAP, JSON, and AJAX
- Hands-on experience with two or more scripting languages such as Python, Powershell, Bash, or Ruby
- Familiarity with penetration testing tools and tool suites such as Burp Suite Pro, Acunetix, Kali Linux, Metasploit, etc.
- An aptitude for technical writing, including assessment reports, presentations, and operating procedures
- Strong understanding of security principles, policies, and industry best practices
- Database administration, device configuration hardening, and compliance
- Experience with common web frameworks, for example, jQuery, Bootstrap, Django, etc.
- Experience with common development languages, for example, VB.net, Java, C#, JavaScript, etc.
- Familiarity with Open-Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Special Publications
- Working knowledge of defensive security techniques and technologies
- Earned a degree in Information Technology or Computer Science
- CEH Certification.
- Proven record of experience as a Certified Ethical Hacker
- Solid knowledge of networking systems and security software
- 1-2 years of relevant experience
- OSCP or AWAE/OSWE or SANS GWAPT/GPEN or ECSA / IOT or equivalent certification