Penetration Tester - Mumbai, India - WTW

WTW

Verified Company

Mumbai, India

1 week ago

Posted by:

Deepika Kaur

beBee Recuiter

Description

Penetration Tester

Mumbai, IN

August 18, 2023

Responsibility:

Security Analysis: Analyzing the results of penetration tests to assess the severity of identified vulnerabilities, their potential impact on the system and the business, and the likelihood of exploitation.
Reporting and Documentation: Preparing detailed reports that document the findings, including identified vulnerabilities, attack vectors, and recommendations for remediation. These reports typically outline the risks associated with each vulnerability and provide guidance on how to mitigate them.
Remediation Support: Collaborating with developers and system administrators to assist in the remediation of identified vulnerabilities. This may involve providing guidance on secure coding practices, recommending security controls, or validating the effectiveness of implemented fixes.
Ethical Approach: Conducting all testing and assessment activities within a legal and ethical framework, ensuring that the organization's systems and data are not compromised or harmed during the process.

The Requirements
Please enter the minimum criteria, skills, education, licenses etc. required to do this job

Minimum Criteria:

Education: A bachelor's degree in a related field such as computer science, information security, or cybersecurity is commonly preferred, but not always mandatory. Relevant industry experience can compensate for formal education requirements.

Skills:

Penetration Testing Techniques: Proficiency in various penetration testing methodologies, tools, and frameworks. Experience with manual testing techniques, automated vulnerability scanners, and exploit frameworks is necessary.
Programming and Scripting: Proficiency in at least one programming language (e.g., Python, Ruby, or JavaScript, etc) to write custom scripts and tools. Understanding SQL queries for database testing is also important.

Holds relevant industry certification/s or equivalent like the following:

CEH
Certified Ethical Hacker

OSCP

Offensive Security Certified Professional

GPEN

GIAC Penetration Tester
Burp Suite Certified Practitioner

- eWAPT/eWAPTx - elearning Web Application Penetration Tester

Practical experience gained through participation in bug bounty programs, capture-the-flag (CTF) competitions, and real-world projects can also be valuable in showcasing skills and expertise.

Minimum Criteria:

Education: A bachelor's degree in a related field such as computer science, information security, or cybersecurity is commonly preferred, but not always mandatory. Relevant industry experience can compensate for formal education requirements.