Ideal Candidature for the Position :
Willing & eager to learn , intensive training will be provided to groom , upscale a candidate . Ideal Candidate fitment would be one who can stay for long time , based on performance bonus will be provided & shares will be allocated for only those who show commitment & contribute themselves fully towards the growth of company , with at-least few years of experience as stated below .
About the Role :
Candidate will work with Managing Consultant to learn & deliver a very unique Security Testing Service of NC .Candidate should be open to travel locally as well as abroad . Long Term commitment requirement due to the fact that intensive Training will be provided to individual which will be a Cost & Time to Company which is to Upscale employees to deliver quality
Detailed JD :
Tester will be working remotely as well as on Site for this Role, this role will be more focused towards ESA (Enterprise Security Assessment) services. Great opportunity to build a Enterprise Testing team. This will be a Project driven role, NC was established in 2015 with a potential to expand itself across to deliver Solutions around technology to be Technology driving force. We are seeking a talented professional with vast experience in the field of penetration testing including internal, external, web/Application based, esp. someone who is very strong on Application etc. Below is a list of some of the technologies they would like the person to have in addition to Automation/Manual Testing of Web Applications.
This position offers industry base salary, plus bonus, benefits, growth opportunity to grow within the company, also based on performance & commitment shown within 1 year can open up doors for more opportunity within. As an Enterprise Security tester, he/she will focus on a minimum to the below JD · Web applications pen testing (XSS, SQL Injection) should be a priority. ·
Automation and/or manual testing · Systems (varied by type and configuration) Successful candidates must possess a thorough working knowledge of common commercial and/or open source vulnerability assessment tools and techniques used for evaluating operating systems, databases and web applications.
Successful candidates must be able to quickly master new technology / software for the purposes of evaluating or subverting the security functionality of the technology / software. The security projects undertaken will range in complexity and duration but typically require two weeks planning, two weeks testing, and two weeks to analyze information and report findings. The level of effort for each assessment varies dependent on the size and complexity of the system tested and the technologies employed.
Candidate will provide technical information system security testing in support of the appropriate security risk management process. Techniques used in the security assessment and technical testing efforts include in-depth network and application vulnerability testing (both automated and manual testing), demonstrable false positive validation. Automated testing will include tools such as: Tenable Nessus, Cenzic Hailstorm, BurpSuite Professional, DBProtect, Core Impact, Nmap, Metasploit, and other tools found in the BackTrack and Samurai Web Testing Framework distributions.
In addition to one or more of the critical skills listed above, all candidates must be knowledgeable in the following areas: · All candidates shall be comfortable using, configuring, troubleshooting, and administering both Linux and Microsoft operating systems with extensive experience with at least one of these operating systems. · Have a broad knowledge of security best practices, security solutions, and methodologies for conducting advanced security assessments, to include manual assessments and malicious user testing. · Have a broad and expert knowledge of security assessment tools and manual security testing techniques. Advanced understanding of security tool strengths and weaknesses and ability to select, configure, troubleshoot and use the best “tool for the job”. · Have a broad knowledge of cyber security threats and techniques used by adversaries to compromise systems – both technical and non-technical techniques. · Have the ability to think creatively, to think critically, to analyze complex concepts, to articulate themselves clearly and concisely, and to conduct themselves in a professional manner.
In addition to one or more of the critical skills listed above, all candidates must be knowledgeable in the following areas: · All candidates shall be comfortable using, configuring, troubleshooting, and administering both Linux and Microsoft operating systems . ·
Further Training will be provided on the security best practices to be followed , secure coding guidelines ...etc · , one should have the ability to think creatively, to think critically, to analyze complex concepts, to articulate themselves clearly and concisely, and to conduct themselves in a professional manner.
Thank you .
Work From Home
Flexible Work Hours