Job Location | Ad-Dammam, Saudi Arabia |
Education | Graduate; Post Graduate; Engineering Graduates/PG |
Salary | Not Mentioned |
Industry | IT - Software Quality / Testing |
Functional Area | Not Mentioned |
-Work alongside & learn from best in class talentOur client is a professional Cyber Security and Consulting services company headquartered in UAE to cover the India, Middle East, Africa and Levant market, is a global provider of the Cyber Security Professional Services, Remote Support, Certified Trainings, Outsourcing, Assessment and Consulting Services, as well as solution to offer the Security Operations Center (SOC) and Managed Security Services (MSS).The JobYou will be responsible for :Conducting penetration testing, simulating an attack on the system to find exploitable weaknesses.Developing and implementing security framework, policies, processes/procedures and guidelines.Maintaining security subject-matter expertise and keep abreast of best practices & trends.Managing vulnerability assessment.Oversight & resolution of security incidents.Designing, maintaining and supporting the network infrastructure.Monitoring system performance and ensuring reliability and availability.Recommending infrastructure solutions to meet business requirement in compliance with IT policy & procedure.Providing Level 2 support and troubleshooting as and when required.Ideal CandidateYou possess a Degree/Diploma in Computer Science, Engineering or related field.Experience in the range 2-3 yrsHands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network.Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.Work closely with application, network and infrastructure teams when performing tests against new or existing systemsUse manual techniques to exploit identified vulnerabilities like cross-site scripting, SQL injections, session hijacking and buffer overflows to obtain controlled access to target systemsValidate vulnerability assessment results where appropriate, prioritize the remediation requirements and work with network, infrastructure and desktop teams to address security problemsPerform exploit analysis for identified vulnerabilities manually, with custom scripts or use tools such as MetasploitWork closely with the application development teams, technology teams and the other members of the Information Security team to identify and remediate security issues as part of Incident ResponseBe a part of the SDLC process for testing of new application systems/infrastructureParticipate in multiple organizational areas such as security architecture and design, service delivery, training and client communication.Configure and educate on the use vulnerability assessment scanners (ex: Qualys, Nessus, Nmap, Metasploit, Snort, Nexpose, etc)Create, maintain and report metrics that measure effectiveness of various security controls.Document areas of significant exposure to information systems and recommend solutions.Develop and maintain a formal reporting process highlighting results, conclusions, and recommendations which can be viewed by peers and senior managementThe ability to articulate risks and findings to managementExperience in preparing a security threat model and associated test plans.Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results.Knowledge of current information security threats. Good understanding of coding best practices and standards.In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred.Excellent communication skills both written and verbal.Critical thinking and good problem-solving abilities.Organized in planning and time management skills are preferred.Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) is desirable.Ref: XWS72RD7TD Company Profile Snaphunt is a specialist recruiting platform that takes the pain out of hiring and job searching.
Keyskills :
Penetration vulnerabilities VAPT Penetration Testing
© 2023 HireeJobsGulf All Rights Reserved