Friday, 30 June 2023

Security Test Engineer (VAPT)-Remote

Security Test Engineer (VAPT)-Remote

[Note: Avoid Candidates from JNTU & OU university]

[Note: Mandatory Skills:
PCI-DSS
SOC2
PenTesting]
-------------------------------------
Security Test Engineer (VAPT)
Must Have:
• Engage with customer to understand security controls, tools configuration/implementation requirements as per PCI-DSS & SOC2 standard and framework.
• Understanding of Security Industry Standards and Compliance Frameworks and Requirements (PCI-DSS, SOC2, FedRAMP, NIST etc.)
• Deep understanding of security controls/services/tools for cloud hosted applications as per PCI-DSS & SOC2 standards
• Understanding of Cloud based security services, security tools, with experience in AWS and any private cloud    
• Vulnerability management & PenTesting
• Key/secret management best practices
• Designing and implementing E2E encryption controls
• Access (authN/Z) management
• Session tracking
• Layer 4 and 7 security protection                                                                                                                              
• Good analytical and problem solving skills with ability to find root cause of issues and do impact analysis of defect fixes
• Excellent Communication skills
• Working experience on LINUX (Redhat, UBUNTU or DEBIAN etc) and LINUX system utilities
• >4 years of experience in Vulnerability Scanning, Analysis & Penetration Testing of Cloud hosted Application, APIs and networks
• Good understanding of common app/apis/network vulnerabilities & attacks (Owasp Top 10s, SANS Top 25, CVEs, CWEs..)
• 2-3 years of experience in Python/Shell Scripting - Should be able to script and automate security tests                                                                          
• Working experience on any one LINUX flavour (Red Hat, UBUNTU, DEBIAN etc) and LINUX system utilities
• Experience in Security Testing tools
• Good understanding of cloud security services/tools of atleast one of the CSPs (AWS, GCP or Azure)

Nice to Have
• Any one of the Ethical Hacking and Penetration testing Certification like CEH, OSCP, Comp TIA PenTest+                                                                                                                                                                          
• Exposure in Ethical Hacking competitions and programs like Bug Bounty, Capture the Flag etc

Best Regards,

Bharath Pammi
Team Lead

--
You received this message because you are subscribed to the Google Groups "c2cactiverequirements2023Bharath3" group.
To unsubscribe from this group and stop receiving emails from it, send an email to c2cactiverequirements2023bharath3+unsubscribe@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/c2cactiverequirements2023bharath3/CAPOpW%2BucrRptOsjrLKQfsgoRJ3HYMYtOVxpnfg9vW9ABP85kaQ%40mail.gmail.com.

No comments:

Post a Comment