Security Analyst/Pentester
Job Responsibilities
- As a security analyst/penetration tester, you'll understand complex computer systems and technical cybersecurity terms.
- You'll need to : work with clients to determine their requirements from the test, for example, the number and type of systems they would like a testing plan and create penetration methods, scripts and tests carry out remote testing of a client's network or onsite testing of their infrastructure to expose weaknesses in security simulate security breaches to test a system's relative security create reports and recommendations from your findings, including the security issues uncovered and level of risk advise on methods to fix or lower security risks to systems present your findings, risks and conclusions to management and other relevant parties consider the impact your 'attack' will have on the business and its users understand how the flaws that you identify could affect a business, or business function, if they're not fixed.
Job Sector : IT, Software, Internet, Analytics
Job Type : Permanent
Country : India
Location : Chennai
City : Chennai
Experience : 2 - 5 Years
Salary Range : Rs. 8,00,000 - 15,00,000ey
Skills : Offensive Security Certified Professional (OSCP)
Notice Period : 30
Job Description
- As a Penetration Test Operator in our Products and Services Red Team, you will have the opportunity to apply your - outsider mindset-, skills, and experiences to mission-critical products and services.
- You will be positioned as a technical resource in the Red Team and as a subject matter expert in your area of specialization.
- Your position will be part of a highly technical and challenging team environment and you will be expected to evolve into a technical lead and trusted teammate.
- You will perform many different operations on many types of technology and will also be involved in many other aspects of cybersecurity like Purple Teaming, Bug Bounty, Internal Hack Events, and App Sec. You will work with all parts of the company to drive a cybersecurity culture, establish meaningful relationships, and directly influence the way we create secure market-leading products.
Your day to day responsibilities will include the following :
- Assist in the planning and the execution of penetration tests
- Documentation and report writing
- Data, code, and vulnerability analysis
- Tool and Script development
- Collaboration with Pentesters and Development teams
- Research, Training, and Teaching
General Skills
- Strong written and verbal communication skills
- Effective collaboration and teamwork skills
- Problem-solving abilities through imaginative and creative thinking
- The ability to deal with ambiguity and adapt to ad hoc tasks
- Be able to self-identify tasks and needs to start work independently
- Maintain an insatiable curiosity and an aggressive outsider mindset
Technical Skills
- Familiarity with Open Source Security Testing Methodology Manual (OSSTMM),Open Web Application Security Project (OWASP),and National Institute of Standards and Technology (NIST) Special Publications
- Good working knowledge of Mitre ATT&CK and Cyber Kill Chain
- Moderate to good skills with some of the following: Ansible, Bash, Powershell, Perl, Python, Ruby, Assembly, C, C++, Javascript, Java
- The ability to perform penetration testing activities on two or more of the following: Web Applications, Operating Systems and Client-Server Apps, Cloud Applications and Infrastructure, Mobile Operating Systems and Applications, Embedded/IoT devices
- This position is subject to working in high security areas governed by the US Department of Justice's 'Criminal Justice Information Services (CJIS) Security Policy' and therefore requires successfully passing a more stringent fingerprint background check administered by Motorola Solutions Inc. customers.
Basic Requirements
- Offensive Security Certified Professional (OSCP) certification required
- Bachelor's degree, equivalent work experience, and/or Military service
- 3+ years of substantive IT knowledge
- 1+ years of active hands-on experience and expertise with penetration testing/ethical hacking as a primary responsibility