Lead Offensive Security Tester Job Vacancy in [24]7.ai Bengaluru, Karnataka – Updated today

Are you looking for a New Job or Looking for better opportunities?
We got a New Job Opening for

Full Details :
Company Name : [24]7.ai
Location : Bengaluru, Karnataka
Position :

Job Description : Summary of essential job functions:
The overall responsibility of the candidate is to perform continuous security assessment that provides assurance to [24]7.ai’s management on the Information Security, Compliance and Risk Management globally. The candidate would be expected to solve complex technology problems to improve security posture, build tools to automate our way out of manual efforts and influence how [24]7.ai responds to and mitigate threats. The candidate should have the ability to work with various teams to identify and implement the security requirements of our Products, applications and Infrastructure globally.

Minimum requirements (Education Qualification & Work Experience):
Qualification Required: Bachelor’s Degree in either Computer Science/Information Science or scientific discipline or relevant
Certification preferred: OSCP, OSWE, OSEP, CRTP, CRTE CARTP, CREST, SANS
Minimum experience: 6-8 years in application/network offensive security and red teaming
Work Location: Bangalore, India

Competency Requirements:
Knowledge on OWASP, OSSTMM, CESG, CREST, NIST, ISSAF, PTES methodologies security testing tools
Must have experience in offensive security testing in Web/Network/Mobile and API/web Services
Must have experience with different offensive security tools & Techniques – e.g., Metasploit, maltego, SET, BeEF, Armitage, MITRE ATT&CK Framework
Must have experience in OSINT, GHDB, review information leaks about the organization on deep and dark web.
Must have ability to think critically and identify areas of technical and non-technical risk.
Must have ability to write technical reports and communicate technical content to nontechnical audiences.
Deep understanding of security vulnerabilities and mitigations o Ability to model threats and risks for a large, complex system
Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security
Experience in leading and executing red team operations
Experience in Cloud red team assessments in GCP/AWS/Azure cloud
Strong knowledge in Active directory attacks o Understanding and familiarity with common code review methods and standards
Experience in Scripting languages such as PHP/Python/Perl/Shell scripting etc.
Knowledge of operating systems preferably Windows / Linux / UNIX (IBM IAX, Sun Solaris, HP UX etc.) and network equipment’s
o Experience in high level programming languages (e.g., Java, C, C++, .NET (C#, VB)) will be an add-on
o Experience in web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP) will be an add-on

Job Responsibilities:
Validate internal, external and crowd-sourced application security findings and articulate them to engineering and cloud infra teams
Conduct infrastructure assessments of Cloud, network, and data services that support [24]7.ai platforms
Conduct penetration testing against native mobile applications, web services, Cloud (AWS, GCP and Azure) front-end & back-end services
Carry out Offensive security testing for our applications, products, and Infrastructure. Participate in documenting security architectures and performing threat modelling for white box assessment activities
Perform reverse engineering of mobile application products and/or source code reviews (manual and SAST code audits) as needed
Lead and execute the red team operations for the organization.
Perform Open source intelligence (OSINT) for the organization.
Perform Phishing campaigns for training employees
Experience in developing custom exploits, script
Executing/Developing C2 simulations
Developing custom payloads to bypass AV/EDR’s
Lead and execute attack simulations to bypass security solutions (Ex: Email security, WAF, Firewall IDS/IPS, AV, Endpoint protections)

Other Requirements:

Should be able to think both offensively (like a hacker) and defensively (evaluating product security and security architecture)
Should aspire to be a subject matter expert for secure coding practices, penetration testing, mobile platform security and all aspects of application and product security
Perform any other application security or product security related activities or tasks as needed or directed o Strong ethics and understanding of ethics in business and information security
Ability to complete tasks and deliver professionally written reports for clients o Ability to present findings to technical staff and executives
Self-motivated, curious, knowledgeable pertaining to security news and current events

Looks exciting and matches to your profile?? Then look no further and share your resume to Arshad.@247.ai

This post is listed Under  Software Development
Disclaimer : Hugeshout works to publish latest job info only and is no where responsible for any errors. Users must Research on their own before joining any company