- Information Security Services for handling a team of 50+ consultant. The candidate should be from InfoSec background and experience in project execution, client deliverables, team management etc.
- The Penetration Testing Manager must be able to plan, communicate, coordinate and conduct penetration tests and security assessments for applications, systems and enterprise networks while adhering to strict rules of engagement and ethical cyber operational behaviour.
Job Responsibilities Include:
- Have good knowledge on IT Security and services like Application and Network Penetration Testing, Source Code Reviews, Mobile AppSec, Network VAPT, Application Threat Modeling, Network Security Architecture Review, Cloud & IOT Security Assessments, etc.
- Hands-on technical testing beyond automated tool validation, including exploitation and leveraging of access within multiple environments, such as Windows or *nix; conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities.
- Perform security reviews of application designs, source code, and deployments as required, covering all types of applications (web application, web services, mobile applications, thick applications, SaaS)
- Have sound knowledge about OWASP – Top Ten and WASC Threat Classifications, NIST, CIS benchmark and compliance.
- Familiar with assessment tools such as Metasploit, Nmap, Nessus, Rapid7, Burp Suite, Acunetix, Checkmarx etc.
- Manage and coordinate with pen-testing team, coordinating with testing teams and client teams, report to management team with plans, forecasting of resources, make sure smooth operations and quality delivery.
- Manage all phases of project, providing best quality deliverables to the client. Guide, assist and play active role in brand building, customer relations.
- Work with security product development team to guide them and contribute as a technical advisor. Provide counseling/coaching, oversight, and support for delivery teams and staff.
- Handle business issues/customer requirements and provide timely solutions. Mentor team(s), handle client meetings, get engaged in business meetings, work on proposals and active pre-sales.
- Able to take the team to new heights in terms of participating into research work, motivate them for writing white-papers, speaking into conference, etc.
- Good understanding of business issues/customer requirements and management. Excellent Communication and Analytical skills. Highly detail oriented and strong interpersonal skills. Problem solving skills in a multi-product/service environment. Ready to adapt challenging and high demanding work environment.
- Must have one certification into Information Security, Compliance & Risk Management at least.
- Good report writing, reviewing and presentation skills.
- Displays leadership and business judgment in anticipating client/project needs and developing alternative solutions.
- Keeps him/her self up-date with latest information security updates.