New User: Apply to selected job without registration
Cancel
  New User: Apply to selected job and register
Please fill in the below details to apply to the selected job.
If you are registred User, Login to Apply
Cancel

Consultant- Penetration Testing

8 - 12 YearsBengaluru

Apply Clicking apply will take you to the company's Website
Not Disclosed by RecruiterPosted: 48 days agoJob Applicants: 12Job Views: 365
Send me Jobs like this

Job Description


As a specialist in VSSI- Cyber security Team - you will be responsible for operating security service for ethical hacking and penetration testing:

Execute security assessments and penetration tests to highlight and clearly articulate risk to the business in terms they understand

Create detailed technical reports of securitytests

Participate in the scope definition of security tests

Maintain and operate the tools, devices and lab environment needed for security tests

Contribute to the creation and maintenance of Group level policies and guidelines concerning security assessment and testing

Proactively discover vulnerabilities in Vodafone environments Act as primary technical subject matter expert for security testing

Lead and oversee the work of junior colleages in the team while executing remote or on- site tests

Accountablefor the overall test execution, quality of work and deliverables of assigned security test engagements

Holdregular presentations and workshops on new techniques and methods both within and outside of the team

Responsible for the continuous development of security testing services and processes

Perform vulnerability research to identify new, previously unknown and unpublished vulnerabilities Develop exploits and proof of concept (POC) code to demonstrate feasibility of certain attacks
ESSENCE OF ROLE- Key Accountabilities
1
Operate Ethical Hacking Environment and Services

Execute security tests based on predefined scope and methodology

Operate tools and lab environment

Liaise with device and system owners, test requestors, project team, Group and Global Security Operation Centre (GSOC)

Execute research activities to discover zero- dayvulnerabilities

Develop exploits and POC code

Act as technical lead for assigned security testing engagements

Be accountable for overall test execution and deliverables of assigned security test engagements 2
Technical Support

Respond to technical queries related to penetration testing reports and findings

Provide remediation advice

Operating the Ethical Hacking services, tools and environment 3
Reporting and Documentation

Create and deliver high quality security test reports

Create reportsfor Technology Security Management

Develop and maintain security assessment and testing Group level policies and standards

Document and update processes and procedures used to manage systems and services

Hold presentations for Group Technology Security senior management 4
Design and Architecture

Develop and review design material for ethical hacking lab environment

Design and develop test setup templates and guidance for special types of tests
na


Salary: Not Disclosed by Recruiter
Industry: Telecom/ ISP
Functional Area: IT Software - QA & Testing
Role Category: Programming & Design
Role: Testing Engineer
Employment Type: Permanent Job, Full Time
Keyskills:

Desired Candidate Profile


8 years of ethical hacking/ penetration testing/ vulnerability assessment experience
Manual and automated penetration testing experience with open source/ commercial tools covering areas of application security, network/ infrastructure security, smartphone/ tablet security, customer- premises equipment (CPE) security
Must have Industry recognised certifications like OSCP - Offensive Security, or ECSA.
Good to have : - GIAC, ISECOM, (ISC)2, EC- Council, CREST
Experience in compiling penetration testing portfolio/ images/ test environments , change management
Experience with vulnerability scanning & exploit framework tools (Metasploit, Nessus, nmap, Wireshark Burp suite, Acunetix, Nessus, etc)
Ability to conduct a pen test without the use of a vulnerability scanner or exploit framework (i.e. fully manual test)
Strong concepts of OWASP Top 10 vulnerabilities
Strong concepts of Authentication & Authorization (OAuth 2.0, OpenID Connect)
Strong Programming background (JavaScript, Python, PHP, etc.)
Excellent knowledge of Windows/ Linux operating systems
Excellent knowledge of modern computer networks, firewalls, proxies
Able to inspect network traffic and extract valuable findings
Good understanding of MSOffice, including Visio
Strong oral and written communication skills, with the ability to explain technical issues to non- technical audiences
Experience with Android and iOS development
University/ College degree in IT preferably with IT security specialization
Experience in a multi- national, shared services environment, IT intrastructure knowledge, including clear customer service and resolution of escalated issues,
Cross cultural sensitivity, riskassessment experience

Education:UG -B.Tech/B.E. - Computers
PG - Post Graduation Not Required

Company Profile

Vodafone India Limited
At Vodafone India, our customers are at the heart of everything we do. Thats why over 194 million Indians have chosen to stay connected with us.Our knowledge of global best practices along with our deep exposure to local markets has made us leaders in the telecommunications industry. Since commencing operations in 2007, we have consistently been awarded for our best-in-class network, powerful brand, unique distribution and unmatched customer service. Whether an individual or enterprise, our customers always receive world-class services that cater to their needs
View Contact Details+
Contact Details

Recruiter Name:HR

Contact Company:Vodafone India Limited

Reference Id:230361