Project Manager Cyber Security Job in Acuity Knowledge Partners

Education/ Experience and Skill Requirement

• Bachelor Degree in Engineering or Equivalent area of study Relevant certifications such as Certified Ethical Hacker Certification - Must, GPEN - Preferred, Certified Penetration Tester Preferred, EC Council Certified Security Analyst Preferred, Certified Expert Penetration Tester Preferred, Licensed Penetration Tester Must, Offensive Security Certified Professional Must.

• 10+ years of experience in IT industry in relevant area, with at least 8 years of progressive experience in Cyber Security/Penetration testing (web applications and infrastructure devices).

• Hands on experience in driving end-to-end security for cloud platform.

• Experience in Qualysguard, Tenable Nessus, SonarQube, Selenium, OWASP Dependency Check, Synk, OWASP ZAP tools and other open-source and paid tools used for VAPT.

• Experience of web application testing and source code review.

• Experience of network VAPT servers and network devices.

• Sound concept of OWASP and Mitre framework, Sound knowledge of CI/CD pipeline for automating security testing.

• Experience in securing containers, image instances, security groups.

• Ability to communicate complex topics to operations team in an easy to understand manner and help in remediating the vulnerabilities by the operations teams.

• Expertise in programming languages: C#, VB.NET, Python, R, Java 8 and application development framework .NET Framework, .NET Core, ASP.NET, Angular 7 or above, ReactJS, MS Blazor.

Responsibilities

• Experience of CI/CD pipelines for security testing automation.

• Experience of SAST, DAST and SCA tools (open-source and paid tools) to automate in the CI/CD pipelines.

• Perform Web-application VAPT, Secure Code Reviews, Network VAPT for cloud and on-premises infrastructure.

• Automate the process of security testing and support in making the applications live after approval. Leverage CI/CD to use SCA, SAST, DAST and IAST (combination of SAST and DAST) testing to automate the workflow for making application live.

• Report the vulnerabilities to the operations team and help in explaining and tracking remediation of the vulnerabilities.

• Perform scans using Tenable Nessus for AMIs/images and certify AMIs to roll out in the production instance.

• Experience in designing and implementing threat modeling for applications based on industry standards and tools.

• Perform security configuration hardening scans using various tools such as Tenable Nessus and/or open source tools to validate compliance with the approved hardening standards based on industry best practices.