Risk_cyber Security_ngso - Tem_senior Job in Ernst & Young Global Limited

Risk_cyber Security_ngso - Tem_senior

Apply Now
Job Summary

Senior (CTM Threat ExposureManagement)

KEYRESPONSIBILITIES:

  • Perform penetration testing whichincludes internet, intranet, wireless, web application, social engineering andphysical penetration testing.

  • Execute red team scenarios to highlight gaps impacting organizations security postures.
  • Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
  • Provide technical leadership and advise to junior team members on attack and penetration test engagements.
  • Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
  • Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.
  • Execute penetration testing projects using the established methodology, tools and rules of engagements.
  • Support SDLC and agile environments with application security testing
  • Develop automated solutions that mitigate risks throughout the organization
  • Experience with automation through solutions such as Chef, Puppet, Jenkins, and Ansible
  • Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams
  • Ability to automate DAST/SAST solutions and reporting
  • Convey complex technical security concepts to technical and non-technical audiences including executives.



To qualify, candidates must have:

  • A minimum of 3 years of work experience in penetration testing which includes internet, intranet, web application penetration tests, wireless, social engineering, and Red Team assessments.

  • Any two of the following certifications: OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN.

  • Knowledge of Windows, Linux, UNIX, any other major operating systems.

  • Deep understanding of TCP/IP network protocols.

  • Deep understanding and experience with various Active Directory attack techniques.

  • Understanding of network security and popular attacks vectors.

  • An understanding of web-based application vulnerabilities (OWASP Top 10).

  • Experience with manual attack and penetration testing.

  • Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.).Updated and familiarized with the latest exploits and security trends.

  • Experience to lead a technical team to conduct remote and on-site penetration testing within defined rules of engagement.

  • Familiarity to perform network penetration testing in stealth manner.

  • Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan)

  • Familiarity with static code analysis tools and services (CheckMarx, Fortify Static Code Analysis tool, Veracode, Coverity, IBM AppScan Source)

  • Familiarity with Secure DevOps Integration

Experience Required :

Fresher

Vacancy :

2 - 4 Hires

Similar Jobs for you

See more recommended jobs