Security Consultant - VAPT

Introduction

A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.

Your Role And Responsibilities

As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy

• Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools
• Map out a network, discover ports and services running on the different exposed network and security devices
• Analyze scan reports and suggest remediation/mitigation plan
• Keep track of new vulnerabilities on various network and security devices for different vendors
• Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices
• Advanced technical analysis on intrusions
• Audit configuration of Network and Security devices
• Providing rich client specific reports
  
  

Preferred Education

Master's Degree

Required Technical And Professional Expertise

Knowledge on VA tool such as Tenable

• Should be able scan devices using VA tool
• Should be able to prepare report based on VA tool
• Should be able to explain the report to client based on the findings
• Should have knowledge on Web Penetration & Network Penetration testing. Should have a skill to conduct Gray box & black box testing
• Should worked on various PT tools such as Burp Suite, Acunetix, etc.
• Should be able do SCD scanning for Windows & Linux
• Should have good knowledge on OS such as Windows, Linux
• Experience on network vulnerability scanning penetration testing
• Experience with Nessus NetCat, NMAP Backtrack, Metasploit, , HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone)
• Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)
• In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
• Analytical thinker willing to "think outside the box" to resolve customer impacting situations on first contact; understand customer risk profile.
• Self-starter and ability to deliver under defined time lines
  
  

Preferred Technical And Professional Experience

Integrate Security into DevOps and enable security automation in CI/CD pipeline

• Professional Qualification : CEH, ECSA, LPT or Any other equivalent certification.
• Focused and versatile team player that is comfortable under pressure
• Ability to remove barriers and enable teams to complete their objectives
• Understanding of emerging technologies and corresponding security threats
• Self-motivated, flexible, with a ‘can do’ attitude.
• Ability to pick up business knowledge, new technology areas, new processes/methodologies and apply these changes in the day-to-day working to improve Security organization.