Assistant Manager-Attack & pentest
Assistant Manager
Job Location: | Pune |
Required Experience: | 9+ Years |
Skills: | Mandatory Skills:Cloud Security, AWS and Azure, GCP, Oracle domain Cloud Application Pentest, (Network Pentest, Architecture Review for Infrastructure and Application, Cloud Security Configuration Review, Network Security Architecture Review and Red Teaming). Other skills: Team Handling, Project Management, Client Handling, People Management, VAPT, Web application Security, Mobile application Security, Network Security, API Testing. |
Job Description:
- Have good knowledge of IT Security and services like Application and Network Penetration Testing, Source Code Reviews, Mobile AppSec, Network VAPT, Application Threat Modeling, Network Security Architecture Review, Cloud & IOT (Internet of Things) Security Assessments, etc.
- Cloud Security Testing: Assess the security posture of cloud infrastructure, platforms, and services (IaaS, PaaS, SaaS).
- Evaluate cloud configuration settings for adherence to security best practices.
- Identify potential misconfigurations, access control issues, and data leakage risks.
loud Security, AWS and Azure, GCP, Oracle domain. - Cloud Application Pentest, (Network Pentest, Architecture Review for Infrastructure and Application, Cloud Security Configuration Review, Network Security Architecture Review and Red Teaming.
- Hands-on technical testing beyond automated tool validation, including exploitation and leveraging of access within multiple environments, such as Windows or *nix; conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities.
- Perform security reviews of application designs, source code, and deployments as required, covering all types of applications (web application, web services, mobile applications, thick applications, SaaS (Software as a Service).
- Have sound knowledge about OWASP – Top Ten and WASC Threat Classifications, NIST, CIS benchmark and compliance.
- Familiar with assessment tools such as Metasploit, Nmap, Nessus, Rapid7, Burp Suite, Acunetix, Check Marx etc.
- Manage and coordinate with pen-testing team, coordinating with testing teams and client teams, report to management team with plans, forecasting of resources, make sure smooth operations and quality delivery.
- Manage all phases of project, providing best quality deliverables to the client. Guide, assist and play active role in brand building, customer relations.
- Work with security product development team to guide them and contribute as a technical advisor. Provide counseling/coaching, oversight, and support for delivery teams and staff.
- Handle business issues/customer requirements and provide timely solutions. Mentor team(s), handle client meetings, get engaged in business meetings, work on proposals and active pre-sales.
- Able to take the team to new heights in terms of participating in research work, motivate them for writing whitepapers, speaking into conference, etc.
- Good understanding of business issues/customer requirements and management. Excellent Communication and Analytical skills. Highly detail oriented and strong interpersonal skills. Problem solving skills in a multi-product/service environment. Ready to adapt to a challenging and high demanding work environment.
- Must have one certification in Information Security, Compliance & Risk Management at least.
- Good report writing, reviewing and presentation skills
- Displays leadership and business judgment in anticipating client/project needs and developing alternative solutions.
- Keeps him/her self-update with latest information security updates