IT Security System Administrator I
Pune, Maharashtra, India
Full Time
1 hour ago
Key skills
FirewallsJavaLinuxOpen SourcePythonSDLCUnixLeadershipCommunicationCheckmarxOWASPPenetration TestingNetwork Security
About this role
Role Overview
- Ability to perform VAPT on IT Applications using various open source and commercial tools
- Provide assessment reports that are easily understandable by the target audiences
- Analyze scan reports and suggest remediation / mitigation plan
- Keep track of latest vulnerabilities
- Require deep understanding of IT Application security protocols and its implementation
- Maintain good verbal communication skills; communicate effectively with technical and non-technical colleagues at all levels in the organization
- A flexible approach to working on a rotational basis and provide necessary cover where needed
- Work within the relevant legislation, policies, and procedures
- Ability to perform complex troubleshooting of security vulnerabilities
- OSCP, ECSA, LPT Master, GPEN or any other industry accredited security certifications
- Exposure to OWASP top 10 Knowledge on SDLC and Application Architecture
- Knowledge on Network Security
- Knowledge of scripting languages (Java, dot net, python etc.)
- Broad background of networks, operating systems (windows, UNIX, Linux), firewalls and security engineering concepts
- Penetration testing planning, analyzing, remediation recommendations, and dashboarding
Requirements
- Bachelor of Science in Computer Science or a related field
- 4+ years in Information Security (VAPT) experience required
Tech Stack
- Firewalls
- Java
- Linux
- Open Source
- Python
- SDLC
- Unix
Benefits
- Ability to perform VAPT on IT Applications using various open source and commercial tools
- Provide assessment reports that are easily understandable by the target audiences
- Analyze scan reports and suggest remediation / mitigation plan
- Keep track of latest vulnerabilities
- Require deep understanding of IT Application security protocols and its implementation
- Maintain good verbal communication skills; communicate effectively with technical and non-technical colleagues at all levels in the organization
- A flexible approach to working on a rotational basis and provide necessary cover where needed
- Work within the relevant legislation, policies, and procedures
- Ability to perform complex troubleshooting of security vulnerabilities
- OSCP, ECSA, LPT Master, GPEN or any other industry accredited security certifications
- Exposure to OWASP top 10 Knowledge on SDLC and Application Architecture
- Knowledge on Network Security
- Knowledge of scripting languages (Java, dot net, python etc.)
- Broad background of networks, operating systems (windows, UNIX, Linux), firewalls and security engineering concepts
- Penetration testing planning, analyzing, remediation recommendations, and dashboarding
- Expertise with web application vulnerability scanners (Acunetix /HP Web Inspect/IBM AppScan etc. and with source code analysis tools (Fortify/Checkmarx/Vera code/Klocworks)
- Provide remediation guidance to identified vulnerabilities
- Implementing the DR testing and publishing the remediation and action plan
- Managing the Statutory and Internal Auditors on Application Security
- Report to chief Security office and managing the Risk review meeting
- Assess applicable policy, standards, and controls, indirectly manage security technologies, and direct the establishment and implementation of policies and procedures
- Monitor information security trends and keep technology leadership informed about information security -related issues and activities potentially affecting the organization
- Ensure appropriate business continuity process is followed for infrastructure and applications in accordance with business need, guidelines, policies, and procedures
- Expertise with Identity and Access Management on the Application