Information Security Officer

• An Bachelor Degree, with 3 - 5 Years experience in Information Security - Penetration testing & Application security testing
• Security certifications like CEH / OSCP/ OCSE/ OSWA / CISSP / GPEN
• Experience in Application security testing for banking applications and other internal applications
• Web / Mobile Application hacking and Penetration testing
• Vulnerability assessment
• Wire-less, VOIP, ATM Security testing, and WebAPI testing, etc.
• Hands on experience with popular security tools – Nessus, Qualys, BurpSuite, Netsparker, Metasploit, Kali Linux, WebInspect, Acunetix, Metaexploit, etc.
• Thorough and practical knowledge of OWASP, SANS, etc.
• Has practical experience in auditing various OS, DB, Network and Security technologies.
  

Job Responsibilities

• Conduct Application Security Testing, Vulnerability Assessment and Penetration Testing and configuration review for network, web application, mobile application, payment gateway, API and thick -client applications.
• Perform manual/automated testing of Web/ Mobile/ Infra/Network/Wi-Fi/ ATM/ payment gateway/API applications.
• Contribute to design, development, and support of new/upgrade business/infrastructure application projects with security recommendations across the implementation life cycle.
• To ensure deployment of applications with appropriate security measures, including but not limited to, relevant technologies, architectures, policies, and compliance frameworks.
• Plan and execute periodic testing activities, and document findings and its remediation plans. Coordination with internal team for reporting and closure of reported findings.
• Staying current with latest trends, tools, techniques, etc. in application security and to keep abreast with current and emerging vulnerabilities / risks/ threats, in addition to understanding their appropriate counter measures.