SOC (SME - VAPT)

Possession of industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP) and SANS GIAC.

Experience

1 years' experience working in IT/InfoSec engineering and operations

Primary Duties: :

Excellent understanding of basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. Job involves reverse engineering an application and encryption method in order to gain access to sensitive data, all without being detected.

Identify and exploit misconfigurations in network infrastructure, parse various types of output data, present relevant data in a digestible manner. Expected to quickly assimilate new information of Client environments on a weekly or monthly basis on threat vectors to each environment and properly assess them.

Technical Skills Required

B.E / B.Tech / MBA in IT or equivalent, with 8 years of experience in the field of IT Security

Have 3 years of work experience in an operations or research manager capacity

Effectively manage complex strategic projects and operations from start to finish

Be proactive and organized

Have a knack for figuring out how new software systems work

Be familiar with Stata, R, and Python or tools like GitHub

Reverse engineering malware, data obfuscators, or ciphers

Source code review for control flow and security flaws

Mastery of Unix/Linux/Mac/Windows OS, including bash and Powershell

Any of the following certifications would be preferred- OSCP / OSCE / CRTE

Key Responsibilities

Staffing RED Team members on projects

Assigning RED team members to projects based on specialization and capacity

Tracking members allocation and utilization

Facilitate knowledge/information management across team

Assist team with client development of high impact potential projects

Tracking project publication status

Validate security tool output, find vulnerabilities the tools can't, and create proof of concepts of various vulnerabilities to demonstrate them to stakeholders

Research new tools and techniques to constantly improve the pen test process.

Develop comprehensive and accurate reports and presentations for both technical and executive audiences

Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

Recognize and safely utilize attacker tools, tactics, and procedures

Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff

Other Skills

A skilled collaborator with experience in managing relationships through internal and external escalations along with experience in presenting to Client.

Strong problem solving and troubleshooting skills

Excellent Verbal and Written Communication Skills.

Self-motivated and possessing a high sense of urgency and integrity

Have attention for detail, while being able to zoom out and understand the big picture

Be excited to create and deploy high-impact internal systems

Demonstrates the ability to adapt to ever-changing schedules and work assignments including willingness to travel and work extended hours.