Role: Associate Engineer

Qualification: B.Tech(CS-IT) / M.Tech / BCA / Any other equivalent

Experience: 1-5 Year

Deadline: Ongoing

    Associate Engineer

    Role: Associate Engineer

    Qualification: B.Tech(CS-IT) / M.Tech / BCA / Any other equivalent

    Experience: 1-5 Year

    Desired Skills:

    The Information Security Application Tester is responsible for detecting threats and
    vulnerabilities in target systems, networks, and applications by conducting systems, network
    and web vulnerability assessment/security testing. Information Security identifies the security
    flaws and weaknesses in the systems that can be exploited to cause business risk, and
    provides crucial insights into the most pressing issues, suggesting how to prioritize security
    resources.

    Good to have Technical Skills:

    • Threat Modeling

    Core Responsibility Areas:

    • Knowledge of common software vulnerabilities, such as those in the owasp top 10.
      Experience with cvss and how to apply.
    • Acts as an influencer of peers and management.
    • Collaborate with technical teams for security incident remediation and communication.
    • Conducts penetration testing (e.g., internal, external, wireless, physical, social, etc.); post vulnerability assessment, work with various stakeholders to provide remediation to the identified risks and bring the same to closure.
    • Conducts proof of concepts, vendor comparisons and recommend solutions in line with business requirements
    • Conducts risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems.
    • Conducts security research on threats and remediation methods.
    • Conducts vulnerability assessment on the target it infrastructure, applications and related information assets.
    • Conducts walk-through of the assessment report to the stakeholders and help define remediation plan.
    • Creates process improvement by identifying inefficiencies and solutions for process improvements.
    • Develops and maintains a set of operational and forward looking security metrics Follows a standard methodology to identify and/or detect threats to the it infrastructure, applications and other information assets.
    • Interacts with partners as needed to explain work product, security techniques, methodology and results to ensure appropriate business value,
    • Oversees monitoring of security reports to identify issues and follow these issues to resolution, Performs web application security assessments (e.g., exploiting web app vulnerabilities such as sql injection, cross-site scripting, parameter manipulation, session hijacking, etc.,
    • Prepares system security reports by collecting, analyzing, and summarizing data and trends; presents reporting for management review.
    • Promotes cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting,
    • Provides direction and act as an escalation point on projects and issues to other team members,
    • Provides technical security consulting support to address complex business and technology projects and requests.
    • Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.,
    • Works with various teams to follow a pre-assessment plan/ and assessment schedule for every assessment, conduct threat assessment, and deliver an assessment report. Writes clear implementation guidelines for the implementation engineers.             
       
       If you are interested in this position, please email us at:
      [email protected]

    Get In Touch

    Ask Us Anything !

    Do you have experience in building apps and software?

    What technologies do you use to develop apps and software?

    How do you guys handle off-shore projects?

    What about post delivery support?