This is a sample alert
Our client, a leading global specialist in energy management and automation is looking to engage with a Consultant Pen Tester with RED teaming experience.
About the role: Secure Software applications and infrastructure from potential vulnerabilities and attacks. Drive product privacy and cybersecurity features and enhancements. Ability to work in a fast-paced, rapidly changing, Agile, competitive environment.
Key responsibilities:
· Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives
· Oversee the management and remediation of identified security flaws within our development platforms
· Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs
· Drive vulnerability assessment and penetration testing (VAPT) activities for multiple R&;D applications, implement DEVSECOPS across the product line
· CI/CD integration of SAST and DAST platforms.
Duration: 12 months (Extendable)
Capacity: Full time
Location: Bangalore (Onsite)
- Education: B.Tech / M.Tech in CS / IT / EE / EC / EI
- Cybersecurity Certifications: CEH / OSCP - Preferred.
- A professional with a certain level of knowledge and at least 8 years of expertise in Software application pen testing
- Knowledge of the DevSecOps framework, understanding on NIST, OWASP, MITRE,CWE etc
- An understanding of programming languages such as C#, Perl, JavaScript, Python and/or PHP.
- Understanding of TCP/IP, common networking ports and protocols, OSI model
- Knowledge of Threat modelling and risk assessment techniques.
- Up-to-date knowledge of cybersecurity threats, current best practices, and latest software.
- An understanding of programs such as HP Fortify, Puppet, Chef, ThreatModeler, Checkmarx, Aqua. They may also need to know Kubernetes/ Docker. Security assessment tools (e.g. NESSUS, NMap, BurpSuite, ZAP, OWASP tools, Kali Linux tools, Fuzzing tools)
- Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development
- Knowledge of one or more SSO methodologies (SAML, LDAP, OpenID)
- Experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
- Deep product knowledge to ensure the clinical functionality, expected operating environment, and interoperability to accurately determine a product’s privacy and security risks.
A leading global specialist in energy management and automation
IT Services & Consulting
8+ years
2
Build your
skill profile
Strengthen it
with feedback
Determine your
optimal fee level
Apply for matching
projects
Get finalized
Stay Engaged
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
Electricial Utilities and Power Producers
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
IT Services & Consulting
More than 3000 clients rely on Flexing It today
We host both full-time & part-time projects from top clients for 100+ skill categories. We also help connect experts like you with clients for short consultation calls called Flexperts
You just need to create a ‘boutique firm’ account during the registration process. The rest of the application process remains the same.
Our freelancers fee benchmarking tool, FeeBee helps our freelancers and consultants find out what their peers charged for similar projects. Built on 600K+ verified benchmarks, registered users get unlimited access to it.
As a freelancing platform, we do not provide permanent positions or full-time job to our consultant network.
Flexing It will be involved end to end right from contracts to invoicing. Once you are finalized, your payment details are transparently laid out in your contract terms with your client and our team actively liaises with the client finance team to ensure timely payments.
We do not charge any fee or commission from you. Your fee quote will be paid out to you in full as per your project contract.