VAPT – Hyderabad, Bangalore – 2 to 5 years of Experience

Job Description

We at KPMG India are hiring for Cybersecurity “VAPT” role.

If interested Please share your resume to jugnusharma@kpmg.com with subject line “VAPT”.

Location: Hyderabad/Bangalore

Experience: 2 to 5 years

Notice Period: Immediate or Early Joiners

Desired skill set:

1. Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS)
2. Strong understanding of security risks in networks and application platforms
3. Strong understanding of network security, infrastructure security and application security
4. Strong understanding of OSI, TCP/IP model and network basics
5. Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming
6. Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms
7. Broad knowledge of security technologies for applications, databases, networks, servers, and desktops
8. Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones.
9. Ability to perform manual penetration testing
10. Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing
11. Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity
12. Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments.
13. Perform technical writing to communicate the preparation, Work with stakeholders to remediate system vulnerabilities.
14. Train team members and colleagues on the latest cybersecurity tactics.
15. Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management
16. Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite.
17. Good Understanding of OWASP top 10 and mitigation techniques
18. Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues
19. Experience on both commercial, open source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP.

Preferred Certifications: CEH, ECSA, OSCP, CISSP, CCSK, OCSE, CCSP, AWS Security.