Monday, October 19, 2020

Senior Manager - Vulnerability Assessment & Penetration Testing - Nessus/OWASP/WIRESHARK (7-12 yrs) (Maaris Global)

The position is with the Cyber Security team of our client.

Role : Vulnerability Assessment & Penetration Testing (VAPT)

Job Requirements :


a) Network VAPT : Good experience in carrying out VAPT of the following network elements :


- Firewalls

- Core routers

- Core switches

- Wi-fi networks

- Windows servers

b) Web Application VAPT : Strong experience in carrying out web application based VAPT including that of web crawling and building custom scripts for SQL injection and browser exploitation.


c) Mobile Security : Adept at carrying out mobile security testing covering aspects like app VAPT, Mobile app server VAPT and preferably some knowledge of mobile code review for popular platforms like IOS/Android.

d) Cloud Infrastructure & Application Security :


- Infrastructure Vulnerability scans

- API testing

- Microservices testing

- Platform-specific testing experience would be an added advantage (e.g. VA PT of AWS, Azure)

e) Required Tools :

- Nmap

- Nessus

- Burp suite

- Masscan

- Accunetix

- Air crack ng

- Air Snort

- Metasploit

- Maltego

- Shodan

- OWASP ZAP

- ADB

- IPAD file explorer

- Kali Linux

- Wireshark

- Live CD's like Kitana

f) Scripting and coding experience (optional - good to have)

- Python

- PHP

- BASH

g) Services Specific Experience : The candidate must have reasonable experience in the conduct of red teaming campaigns such as :

- Phishing campaigns

- Perimeter breach testing

- AD compromise

- Web Application compromise and Exfil

- WAF by passing

- EDR bypass testing

- Payload development using KALI/Cobalt Strike etc.

- An added advantage would be skills around custom malware development

h) Certifications :

- Core Certifications (Anyone or multiple) : OSCP/ GIAC Penetration Tester (GPEN)/CEH/ ISACA CSX (cybersecurity nexus)

- Other Certifications (good to have) : ISO 27001 LA,/Encase 6 or above Certified, Access FTK certified

i) Sales support Skills & Project Management : The candidate is expected to have the following skills :


(I) Sales Support

- Carry out internal risk clearance and management processes for client

- Assist senior management in research and writing technical white papers

(II) Project Management

- Tracking time charged on projects

- Oversee activities and work with project team members on a hands-on model to ensure quality delivery

- Be the first point for the client for status update meetings and project escalations

- Build project presentations and audit reports

- Discussions of the draft audit report for stakeholder buy-in (in case of audit assignment)

(III) Team development 

- Support managers in Building excellent and simplified training materials to train client teams and Junior team members

- Conduct knowledge sharing sessions for the teams below them on a monthly basis

(IV) Key soft skills and other requirements :

- The candidate is expected to have excellent analytical skills and report writing skills to ensure that deliverables for all assignments are well accepted by the clients.

- The candidate is also expected to have excellent presentation making skills to ensure that report summaries are made into succinct theme-based presentations to senior management.

- The candidate may be required to travel for short to long term assignments depending on client requirements.

- Must have been in a client-facing role in addition to a technical role.

- Must have managed mid-level stakeholders at the client (VP level, CISO, and Audit leads)

Apply Now