We are looking for security experts for our client , they
are a big name in cloud computing and based out of the USA . All these
positions are with their Hyderabad based IDC . Please note we are looking only
at Hyderabad based profiles.We are looking only at immediate joinees ,
candidates with long notice period please do not apply. Please also note you
will be on the payrolls of BBARPL and work with our client’s team. The initial
duration of the project is six months. There is a chance of project extension
by three months and the performing candidates might get absorbed on direct
payrolls of the company at a later date however as of now we cannot give that
guarantee.Please also note during contract your service can be terminated
without notice though it will happen only in a very rare situation where
performance is not found upto the mark or a moral breach takes place. You can
register yourself on this blog for future job updates. The link is given just
where the advertisements end on the
right hand page of the blog.You can call to discuss further on 9849128646 or
send your cv to binaryberries8@gmail.com
Security Experts: 6+yrs of experience.
Key Responsibilities:
Perform application and infrastructure
penetration tests, as well as physical security review and social engineering
tests for our global clients
Review and define requirements for
information security solutions
Perform security reviews of application
designs, source code and deployments as required, covering all types of
applications (web application, web services, mobile applications, thick client
applications, SaaS)
Participate in Security Assessments of
networks, systems and applications
Work on improvements for provided security
services, including the continuous enhancement of existing methodology material
and supporting assets
Job Requirements:
Bachelor degree or higher, technical
discipline preferred
Two years of working experience in IT
Security, preferably with exposure to application security testing (source code
review and application penetration tests)
Working knowledge of Security principles,
techniques and technologies
Good understanding of network protocols,
design and operations
Strong analytical skills and efficient
problem solving
Willingness to travel
Willingness to learn
Good English communication skills (written
and oral)
Skills Required
1.
CISSP, CISA, CEH, OSCP or other information security
certifications
2.
Proficiency with vulnerability assessment processes and tools:
OWASP, Metasploit, nmap, nessus, Burp Suite, Webinspect, etc.
3.
Understanding of security as it relates to multiple operating
systems: HPUX, Linux, AIX, Windows, z/OS, etc
4.
Understanding of access control, authorization and authentication
technologies: PAM, Active Directory, LDAP, etc.
5.
Understanding of securing fundamental networking protocols: DNS,
HTTP, TCP, UDP, TLS, IPSEC, 802.1x, NFS
6.
Understanding of encryption fundamentals (symmetric/asymmetric,
ECB/CBC operations, AES, etc.)
7.
Understanding of risk modeling concepts and frameworks (STRIDE,
DREAD, FAIR, etc.)
8.
Strong background in data driven information security decision
making and prioritization
9.
Proficiency with web application vulnerabilities(testing and
remediation). i.e. OWASP top10
10. Application
development background and security knowledge – example of languages include C,
C#, C++, Java, J2EE
11. Vulnerability
and threat management experience
12. Experience
with various security tools and products (Fortify, AppScan, etc…)
13. Good
understanding of the components of a secure DLC/SDLC
14. Vulnerability
analysis and application reversing skills
15. Understanding
of cryptography principles
No comments:
Post a Comment