Job title	Cybersecurity Consultant - VAPT
Reports to	Senior Cybersecurity Consultant
Location	Mumbai / Bangalore/ Delhi/ Noida

 

Job Purpose
 
We provide security assessment services to our client across various industry verticals including banking and financial services, software services, pharmaceutical, telecom, manufacturing, e-commerce, and government departments. 
 
The candidate will perform different security assessment services such as Vulnerability Assessment (VA), Penetration Testing (PT), Source Code Reviews, Configuration Reviews, etc. by following the methodologies like OWASP Top 10, OSSTMM, CI Security benchmarks, etc.
 
Duties and Responsibilities

• Leading the team

You will be expected to coach and mentor junior staff (team of 8-10 professionals) on functional expertise, support fast-paced delivery in challenging environments, function independently to support leaders.
Also, provide strategic direction to the team to excel in project delivery as well enhance skill sets.

• Bring new ideas and automation

You will be expected to solve problems by bringing in automation and new initiatives

• Customer relationship management and project management

You will be expected to maintain and manage customer relationships to solve problems faced by clients. Also, end-to-end manage projects which are assigned to you as a leader.

• Threat Modeling and Application Security Risk Reviews

You will be expected to conduct threat modeling exercises for the applications designed by the various teams of our clients and work within the requirements of the project to deliver exceptional value at your work.

• Penetration Testing and Vulnerability Assessments

You will be working on VAPT (Vulnerability Assessment and Penetration Testing) projects, and will be required not just to adopt the given methodologies, but continuously enhance them and develop new tools and techniques for conducting VAPTs. You will also be engaged in security research to discover new vulnerabilities and write articles on information security, as well as maintain our honeypot and write on our blog - Checkmate.

• Source Code analysis

You will have to work on certain source code analysis projects or provide guidance to team members to conduct such activities.

• Security Auditing

You will also be involved in all other projects undertaken by the Security Assessment team, such as network architecture reviews, security audits, code reviews, application security design reviews, etc.

• Training for Ethical Hacking and Security Auditing courses

NII conducts a number of hacking and security courses, and you would be also pitching in with specific modules or the entire training course.
 
 
Academic / University Qualifications

• Graduate / Post Graduate in Computer Science / Computer Engineering / Forensics / Science Graduate

 
Experience

• 5+ years

 
Additional Qualifications
 

• OSCP, OSCE – Preferred
• CISSP, CSSLP – Advantage
• Knowledge and experience in standards and frameworks such as ISO27001, PCI-DSS, NIST, etc.
• Expertise with Microsoft Office including Outlook, Word, Excel, and PowerPoint
• Ability to be a self-starter and thrive in a fast-paced consulting environment
• Skillsets - analytical, problem-solving, decision making, planning, organizational, and client facilitation