Opportunity is with a consulting Firm, we are preferably looking for people open to join with in 30 to 45 days, immediate is good.
Experience/skill set required for the role are :
- Network VAPT
The candidate must have experience in carrying out VAPT of the following network elements :
- Firewalls
- Core routers
- Core switches
- Wi-fi networks
- Windows servers
Web Application VAPT :
- Candidate must have strong experience in carrying out web application based VAPT including that of web crawling and building custom scripts for SQL injection and browser exploitation.
Mobile Security :
- The candidate must be adept at carrying out mobile security testing covering aspects like app VAPT, Mobile app server VAPT and preferably some knowledge of mobile code review for popular platforms like IOS/Android.
- Cloud Infrastructure & Application Security
- Infrastructure Vulnerability scans
- API testing
- Micro services testing
- Platform specific testing experience would be an added advantage (e.g. VA PT of AWS, Azure)
Tools Experience :
- Nmap
- Nessus
- Burp suite
- Masscan
- Accunetix
- Air crack ng
- Air Snort
- Metasploit
- Maltego
- Shodan
- OWASP ZAP
- ADB
- IPAD file explorer
- Kali Linux
- Wireshark
- Live CD's like Kitana
Scripting and coding experience (optional - good to have) :
- Python
- PHP
- BASH
Red Teaming Skills "
- Phishing campaigns
- Perimeter breach testing
- AD compromise
- Web Application compromise and Exfil
- WAF by passing
- EDR bypass testing
- Payload development using KALI/Cobalt Strike etc.
- An added advantage would be skills around custom malware development
Monday, September 28, 2020
Senior Consultant - Vulnerability Assessment & Penetration Testing (3-8 yrs) (Maaris Global)
