Risk_cyber Security_ngso - Tem_staff Job in Ernst & Young Global Limited

Risk_cyber Security_ngso - Tem_staff

Apply Now
Job Summary






EY-Cyber Security-TEM StaffConsulting- Risk



As part of our EY-cyber security team, you shall performpenetration testing which includes internet, intranet, wireless, webapplication, social engineering and physical penetration testing. You shallalso perform in-depth analysis of penetration testing results and create reportthat describes findings, exploitation procedures, risks and recommendations.



The opportunity



Were looking for Security Analyst with expertise in penetrationtesting. This is a fantastic opportunity to be part of a leading firm whilstbeing instrumental in the growth of a new service offering.



Your key responsibilities



  • Perform penetration testing whichincludes internet, intranet, web application, wireless, social engineering,physical penetration testing.

  • Execute red teamassessments to highlight gaps impacting organizations security postures.

  • Identify and exploitsecurity vulnerabilities in a wide array of systems in a variety of situations.

  • Perform in-depthanalysis of penetration testing results and create report that describesfindings, exploitation procedures, risks and recommendations.

  • Execute penetrationtesting projects using the established methodology, tools and rules of engagements.

  • Convey complextechnical security concepts to technical and non-technical audiences includingexecutives.

  • Strong knowledge ofOWASP Top 10 web and the ability to effectively communicate methodologies andtechniques with development teams

  • Ability to automateDAST/SAST solutions and reporting

  • Support SDLC andagile environments with application security testing and source code reviews.

  • Provide technicalleadership and advise to junior team members on attack and penetration testengagements.

  • Develop automatedsolutions that mitigate risks throughout the organization.

  • Understanding andexperience with Active Directory attacks.

  • Understanding of TCP/IP networkprotocols.



Skills and attributes for success



  • Experience with automation through solutionssuch as Chef, Puppet, Jenkins, and Ansible.

  • Experience withscripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.)updated and familiarized with the latest exploits and security trends.

  • Familiarity withdynamic web application vulnerability scanning tools and services (Acunetix, HPWebInspect, IBM AppScan, BurpSuite, IBM AppScan)

  • Familiarity withstatic code analysis tools and services (CheckMarx, Fortify Static CodeAnalysis tool, Veracode, Coverity, IBM AppScan Source)

  • Familiarity withSecure DevOps Integration.

  • Understanding andexperience with Active Directory attacks.

  • Understanding ofTCP/IP network protocols.

  • Understanding ofnetwork security and popular attacks vectors.

  • Understanding ofweb-based application vulnerabilities (OWASP Top 10).

  • Experience with scripting / programmingskills (e.g., Python or PowerShell or Java or Perl etc.).



To qualify for the role, you must have



  • BE/ B.Tech/ MCA.

  • Minimum of 1 yearof work experience in penetration testing which may include at least three ofthe following: internet, intranet, web application penetration tests, wireless,social engineering, physical and Red Team assessments.

  • One of thefollowing certifications: OSCP, OSWP, GPEN, GWAPT.

  • Knowledge of Windows, Linux, UNIX, any other major operating systems.





  • 2-4 years of work experience in Strategy and Operations projects

  • Strong Excel and PowerPoint skills.




Ideally, youll also have



  • Project management skills

  • Certifications: OSCP, OSWP, GPEN, GWAPT.

    What we look for


  • Whocan perform penetration testing which includes internet, intranet, wireless,web application, social engineering and physical penetration testing andprovide analysis for the testing results.

Experience Required :

Fresher

Vacancy :

2 - 4 Hires

Similar Jobs for you

See more recommended jobs