B.Sc. in Computer Science/IT/ Engineering or related from any reputed university.

M. Sc in in Computer Science/IT/Related will be considered additional point

4

Experience in information security with web application and network penetration testing experience independently or with red team experience

Experience in performing network/application/mobile application/wireless penetration testing using tools or manual testing with various testing techniques.

Hands-on experience with two or more scripting languages such as Python, Powershell, Shell, or Ruby

Experience with full-stack (Linux / Unix) software architectures from UI to infrastructure.

Experience with micro-service, API-based agent, or service-oriented software architectures.

Experience with one or more IT security compliance frameworks, such as CIS, NIST, SOC2, PCI, GDPR, FISMA, HIPAA, FEDRAMP, or HITRUST

Experience in the evasion of monitoring & alerting systems (SIEM generated alerts, HIDS, EDR, Honeypots)

Relevant expertise in different areas like Active Directory, Operating systems

Experience with AWS or similar enterprise cloud and in containerized computing platforms

Experience with serverless architectures, and common virtualization techniques (hypervisors/containers/jails) and escapes/exploits from these environments.

Excellent written & oral communicating skill

CI/CD pipelines

programming languages (e.g. Java/JQuery, Javascript, Python/Jython, Ruby, Groovy, C#, .Net, VBScript, SQL, etc)

Team Player

Business Communication skills

Highly skilled and very proficient vulnerability assessments, penetration testing, Red Team assessments

Exploit vulnerabilities of Internet exposed and internal systems in a controlled environment

Participate in red team engagements for the internal & public facing systems

Utilize Threat Modelling methodologies to identify threats

Focus on designing, researching, and executing real world attacks

Perform the relevant activities both manually and leveraging automated tools

Documenting technical issues identified during security assessments;

Analyze protection and monitoring gaps of the system, provide actionable steps for closing these gaps

Perform adversary simulation attacks to the systems to measure the ability to defend against advanced threats

Explain Technical vulnerabilities and their impact to technical and non-technical audience

Guide development team on secure software development as part of DevSecOps practice.