- Knowledge of TCP/IP protocols and networking architectures.
- Knowledge of databases, applications, and web server design and implementation.
- Knowledge of security and IT standards, such as PCI DSS v3.0 & NIST SP800.
- Knowledge of the National Vulnerability Database (NVDB) & the Common Vulnerabilities and Exposures List (CVE). CVE is a dictionary of publicly known information security vulnerabilities and exposures.
- Excellent time management, written documentation, and oral presentation skills.
-
Penetration Tester
1 day ago
Claranet Hyderabad, India**About The Role**: · **Role** · The primary function of a Penetration Tester in the Continuous Security Testing (CST) team is to continually review the customers' defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report thes ...
-
Penetration Tester
1 week ago
Experian Hyderabad, Telangana, IndiaFull-time · Employee Status: Regular · Role Type: Hybrid · Department: Information Technology & Systems · Schedule: Full Time · **Company Description**: · Experian is the world's leading global information services company. During life's big moments — from buying a home or a car ...
-
Penetration Tester
1 week ago
UltraViolet Cyber Hyderabad, India**Make a difference here.** · UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber sec ...
-
Penetration Tester 1
2 days ago
RSM US LLP Hyderabad, IndiaThe Penetration Tester conducts tests and purposefully attempts to exploit existing computer systems and software to detect and correct weaknesses. · The Penetration Tester must have experience with tools used to perform Dynamic Application Security Testing (DAST) along with an u ...
-
Penetration Tester
5 days ago
BreachLock Inc Hyderabad, IndiaJob Overview: · We are seeking a highly skilled and motivated Penetration Tester to join our dynamic cybersecurity team. The candidate should have a strong background in ethical hacking, vulnerability assessment, and security research. Additionally, you will play a crucial role i ...
-
Penetration Tester
5 hours ago
NopalCyber Hyderabad, IndiaJob Statement: · NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory ...
-
Penetration Tester
2 days ago
NopalCyber Hyderabad, India· Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques. · Application Penetration Testing (Browser-based, API, Mobile, IoT) · Threat Modeling · Source Code Revi ...
-
Senior Software Quality Automation Engineer
1 week ago
Dell Hyderabad, IndiaAbout Secureworks · Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks TaegisTM, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers' ability to detect advance ...
Penetration Tester - Hyderabad, India - Foundever
Description
This position involves performing security vulnerability assessment and penetration testing. Penetration tests will involve a mixture of environments, including network devices, servers, systems, databases and applications that are web-based, server-based and virtual. The successful candidate will work effectively in both individual and team environments. The incumbent must be a self-starter, who is able to contribute to the overall success of the team as well as within other teams.
Primary Responsibilities of the Security Specialist I, Global Security Operations Center Role
· To perform network, system and application vulnerability assessments and penetration testing.
· To do pen-source and commercial testing tools including Kali Linux, Nessus, Metasploit, Nmap, Burp Suite Proxy, Wireshark, Kismet, etc. Additionally, must maintain awareness and knowledge of newly released open-source tools and exploits.
· To use various scripting languages such as Python, Perl, PowerShell, Bash, etc.
· To analyze identified vulnerabilities to write clear and concise assessment, penetration testing and compliance reports.
· To configure, administrate, and troubleshoot Operating Systems including Unix/Linux, Windows, iOS, Android, and the various network devices.
· To applies advanced knowledge of concepts, practices, and procedures of IT Security, with awareness of related fields.
· Applies analytical and interpretive thinking to complex problems; determines methods /procedures based on professional judgment to achieve desired outcomes.
Knowledge, Abilities & Skills
Skills/Competencies
Experience, Qualifications, Certifications & Travel
Minimum Requirements
Education:
Bachelor's degree in Information Technology, Computer Science, or related field. Experience may be evaluated in lieu of educational requirements on a case-by-case basis.
Experience: (3+ years' experience)
· Experience with mobile devices and mobile application security, including secure configuration and tools, techniques, and procedures for security testing.
· Experience assessing and testing network devices, including firewalls, routers, VPNs, and switches.
· Experience with programming and scripting in C++, Perl, Python, bash, Java and/or Assembly Language (x86).
· Experience with TCP/IP including but not limited to HTTP, HTTPS (SSL), DNS, SMTP, MSRPC, RDP and SSH.
· Experience with wireless network security, including secure configuration and tools, techniques and procedures for security testing.
· Experience with application security, including source code review.
· Experience with audit techniques to identify insecure configurations of Windows/Unix/Linux, web servers (Apache, IIS, etc.), databases (MySQL, MSSQL, Oracle, etc.) and web application scripts (PERL, Python, ASP, etc.).
· Experience with one or more social engineering test modes (physical, phishing or pre-texting).
· Will consider relevant security certifications such as CEH, GIAC, CISSP, GPEN, CEPT, LPT, CPT, OSCP, etc.
Travel: None