VAPT (DevSecOps & Penetration Testing) - Pune, India - Persistent Systems

Description

About Position

We are seeking a VAPT (DevSecOps & Penetration Testing) to join our Team. Must have experience working in VAPT - Web Application Security, C, Penetration Testing, Testing, Monitoring, Bootstrap, Continuous Integration, Continuous Delivery, Automation, Fortify, Burp Suite, Azure, Azure DevOps

Job Location:
Pune/ Noida/ BengaluruJob Reference ID: PSL

What you'll do

DevSecOps and Penetration Testing Experience: 6 to 8 Years Responsibilities include as furnished below but not limited to Responsible for defining and implementing the build, deployment and monitoring standards for this customer.

Build and configure delivery environments supporting CD/CI tools using an Agile delivery methodology. Create scripts and/or templates to automate and/or bootstrap infrastructure provisioning and management tasks.
Ownership of technical design and implementation for one or more software stacks of the DevSecOps team.
Design and implementation of the distributed code repository. Implementing automation pipelines to support code compilation, testing, and deployment into the software components of the entire solution.

Integrating the monitoring of all software components in the entire solution, and data mining the data streams for actionable events to remediate issues.

Implement configuration management pipelines to standardize environments.
Integrate DevSecOps software with credentials management tools.
Create non-functional test scenarios for verifying the DevSecOps software setup. Should have good understanding of the tools such as Checkmarks, Fortify, Veracode, Burp Suite Enterprise, Accunitux etc. Provide support to RFP and give presentations in DevSecOps and suggest solutions.
Below are the qualifications. Preferably OSCP certified and similar certification in VAPT and Penetration Testing domain.

At least 5+ years of relevant working experience in DevSecOps, Task Automation, Demonstrated proficiency in installation, configuration, or implementation in one or more of the following software.

Jenkins, Azure DevOps, Bamboo, or software of similar capability. GitHub, GitLab, or software of similar capability. Jira, Asana, Trello, or software of similar capability. Ansible, Terraform, Chef Automate, or software of similar capability. Flux CD, or software of similar capability.
Any test automation software. Any service virtualization software. Operating Software administration experience for Ubuntu, Debian, Alpine, RHEL.Technical documentation writing experience. DevOps Engineering certification for on-premises or public cloud is advantageous. Experience with work planning and effort estimation is an advantage.


Penetration Tester Experience:

6 to 8 Years Responsibilities include as furnished below but not limited to We are looking for Penetration Tester who have a strong offensive technical skillset, who can discover and exploit vulnerabilities and misconfigurations in a range of different environments, alongside having the ability to communicate issues clearly and concisely for customers; breaking down complicated technical issues is a crucial skill in order to provide value to clients.

Train and assist developers in writing secure software and remediating existing vulnerabilities.
Develop and review custom vulnerability description, business impact and remediation content. Develop, research, and recommend open-source tools assisting in secure code review. Contribute to development and delivery of secure coding and remediation training.
Mentor and assist team members in effectively delivering assessments and enhancing skillsets.

Recommend best practices to integrate and automate application security testing in SDLC.Web, Mobile/Network Pen testing/Cloud Infrastructure Provide support to RFP and give presentations to the customers.

Below are the qualifications.
Preferably OSCP certified and similar certification in VAPT and Penetration Testing domain. Should have the implementation experience of Vulnerability management tools such as , Rapid7 Qualys etc

Expertise you'll bring

VAPT - Web Application Security, C, Penetration Testing, Testing, Monitoring, Bootstrap, Continuous Integration, Continuous Delivery, Automation, Fortify, Burp Suite, Azure, Azure DevOpsExperience in implementing Check Marx, Veracode, SonarQube, Running SAST Scans, analysing tool results, perform Manual code review, remediation support, review opensource components (SCA) Deliver secure code review assessment on programming languages such as Java, C#, PHP, Python, Perl, C/C++, SQL, > Analyse and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques.

Experience with fully automating CI/CD pipelines end-to-end, from code commits to production. Working closely with our development team to create an automated continuous integration (CI) and continuous delivery (CD) system.

Benefits

Competitive salary and benefits packageCulture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certificationsOpportunity to work with cutting-edge technologiesEmployee engagement initiatives such as project parties, flexible work hours, and Long Service awardsAnnual health check-upsInsurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents

Our company fosters a values-driven and people-centric work environment that enables our employees to:

Accelerate growth, both professionally and personallyImpact the world in powerful, positive ways, using the latest technologiesEnjoy collaborative innovation, with diversity and work-life wellbeing at the coreUnlock global opportunities to work and learn with the industry's best

Let's unleash your full potential. See Beyond, Rise Above