VAPT – Hyderabad, Bangalore – 2 to 5 years of Experience
Job Overview
-
Date Posted25 March 2024
-
Expiration date1 June 2024
-
Experience2 Year
-
GenderAny
Job Description
We at KPMG India are hiring for Cybersecurity “VAPT” role.
If interested Please share your resume to jugnusharma@kpmg.com with subject line “VAPT”.
Location: Hyderabad/Bangalore
Experience: 2 to 5 years
Notice Period: Immediate or Early Joiners
Desired skill set:
- Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS)
- Strong understanding of security risks in networks and application platforms
- Strong understanding of network security, infrastructure security and application security
- Strong understanding of OSI, TCP/IP model and network basics
- Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming
- Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms
- Broad knowledge of security technologies for applications, databases, networks, servers, and desktops
- Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones.
- Ability to perform manual penetration testing
- Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing
- Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity
- Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments.
- Perform technical writing to communicate the preparation, Work with stakeholders to remediate system vulnerabilities.
- Train team members and colleagues on the latest cybersecurity tactics.
- Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management
- Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite.
- Good Understanding of OWASP top 10 and mitigation techniques
- Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues
- Experience on both commercial, open source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP.
Preferred Certifications: CEH, ECSA, OSCP, CISSP, CCSK, OCSE, CCSP, AWS Security.