Penetration Tester

Job Description

Job Summary: This is an opportunity for a highly motivated individual to join a high energy team of security administrators responsible for managing global security infrastructure. This position is to be part of a global team, reporting to the Sr. Security Delivery Manager in Gurgaon. Responsibilities: As a member of the Security Operations Team Should have experience in Vulnerability Assessment and Penetration testing across Infra and Applications Hand-on experience with VA/ PT tools like Tenable etc. Perform asset and network discovery activities; infrastructure vulnerability testing, helping to ensure full coverage of the Epsilon environment Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets Vulnerability Analysis Creation. Produce vulnerability reports providing a highly timely; accurate; and actionable assessment of new vulnerabilities as they are discovered. Recommend security patches and any other measures; produce operations reports Support vulnerability scanning activities, interprets the results, and validates potential exposures; Collate security incident and event data to produce monthly exception and management reports Keep the Vulnerability Management Program in compliance with security policy and with published SLAs Leverage CMDB inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress Monitor security vulnerability information from vendors, and third parties Assist in maintaining technical support documentation. Collaborate with Information Technology and Business Departments to implement or coordinate remediation required by audits, and document exceptions as necessary Skills/ Experience expected Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets Experience in deploying, operating, and maintaining vulnerability scanning infrastructure and services Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises Technical Skills: 3 to 5 years of experience Security Operations experience Ability to read, write and modify scripts for automation of vulnerability management tasks using Python, PowerShell, Ruby on Rails, and/ or Bash Good knowledge of packet filtering, stateful packet inspection and the differences between them Good knowledge of fundamental networking/distributed computing environment concepts; routing, switching, VLANs, VPNS, NIS, NFS. Intermediate to advanced understanding of packet capture and analysis using snoop, tcpdump and Ethereal or similar tools. Experience with host security (e.g., passwords, uids/gids, SIDs, file permissions, ACLs, filesystem integrity, use of security packages, IPTables). Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms. Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS etc.) Experience in implementing, managing, and troubleshooting ITSM Solutions for Large Organization Sound knowledge of ITSM Practices and Efficient in creating workflow as per requirement. Having Certificate from any reputed ITSM OEM ensuring that resource is competent enough to work as L1. Certificate should be valid and should not older than 6 Months. Knowledge of Vulnerability Management and Patch Management. Sound Understanding of product function, features pertain to proposed Vulnerability Management and Patch Management Solution. Certified Specialist with any reputed Vulnerability ManagementSolution.Certificate should be valid and should not older than 6 Months