
Senior Consultant - AS400
Preferred Skills and qualification:
· 6+ years of strong experience in developing and maintaining AS/400 software applications.
· Experience with multiple programing languages and systems
· Experience with RPGLE Programming,
· Experience with ILE Advanced concepts (Procedures, Service programs, Functions, Full Free RPG coding syntax)
· Experience with SQL concepts and programming.
· The ability to effectively work independently and as part of a SCRUM team providing direction and mentorship to others as needed.
· Demonstrated project discipline and experience. Must be organized, focused, and driven toward established deliverable dates. Must be able to design solutions and form/drive related plans.

Similar jobs
About the Role
We are seeking an experienced Cyber Security Specialist who can operate across both offensive and defensive security disciplines. This dual-role professional will lead Vulnerability Assessment and Penetration Testing (VAPT) engagements, act as the in-house Red Team to simulate real-world adversaries, and own the implementation and continuous improvement of the Information Security Management System (ISMS) aligned with ISO/IEC 27001 and related standards. You will combine hands-on offensive security work with governance, audit readiness, and stakeholder engagement across engineering, IT, legal, and executive leadership.
Key Responsibilities
VAPT & Red Team Operations
- Plan, scope, and execute end-to-end Vulnerability Assessment and Penetration Testing (VAPT) engagements across web applications, mobile apps, APIs, networks, cloud environments, wireless, and physical infrastructure.
- Act as the organization's in-house Red Team, simulating advanced persistent threat (APT) actors through adversary emulation, social engineering, phishing campaigns, and physical intrusion testing where authorized.
- Design and execute Red Team operations aligned with MITRE ATT&CK, TIBER-EU, and similar frameworks; develop custom Tactics, Techniques, and Procedures (TTPs).
- Conduct manual and automated exploitation, post-exploitation, lateral movement, privilege escalation, and persistence testing in production-like environments.
- Develop custom exploits, payloads, scripts, and tooling (Python, PowerShell, Bash, C/C++, Go) to bypass security controls during sanctioned engagements.
- Perform source code reviews, threat modeling, and secure architecture reviews of new and existing systems.
- Coordinate Purple Team exercises with the Blue Team / SOC to validate detection coverage and improve defensive playbooks.
- Produce high-quality VAPT and Red Team reports with executive summaries, technical findings, proof-of-concept exploits, risk ratings (CVSS), and prioritized remediation guidance.
- Re-test remediated findings and track closure with engineering and IT teams through to verification.
ISO Compliance & Governance
- Lead the implementation, maintenance, and continual improvement of the ISMS in line with ISO/IEC 27001:2022, including scope definition, Statement of Applicability (SoA), and risk treatment plans.
- Own and maintain ISO policies, procedures, controls, and documentation across the organization, ensuring alignment with ISO 27001, ISO 27017, ISO 27018, and ISO 22301.
- Plan and coordinate internal and external audits; serve as the primary liaison with certification bodies, auditors, and regulators.
- Conduct risk assessments, business impact analyses (BIA), and threat modeling; maintain a central risk register and drive remediation.
- Map VAPT and Red Team findings to ISO 27001 Annex A controls and feed results into the risk management lifecycle.
- Support compliance with adjacent frameworks: SOC 2, NIST CSF, GDPR, HIPAA, PCI-DSS, and DPDP Act (India), as applicable.
- Define and report security and compliance KPIs/KRIs to senior leadership; prepare materials for management reviews and board updates.
- Develop and deliver security awareness training, phishing simulations, and role-based secure-coding training.
- Drive third-party / vendor risk management, including security questionnaires, contractual clauses, and ongoing monitoring.
- Partner with engineering and DevOps to embed security into the SDLC, CI/CD pipelines, and cloud architectures (DevSecOps).
Incident Response & Continuous Improvement
- Support incident response activities: detection, triage, containment, eradication, recovery, and post-incident reviews.
- Maintain business continuity and disaster recovery plans; coordinate BCP/DR testing and tabletop exercises.
- Stay current on emerging threats, CVEs, attacker techniques, regulatory changes, and ISO standard updates; recommend and drive improvements.
Required Qualifications
- 8+ years of progressive experience in cyber security, with at least 4 years in hands-on offensive security (VAPT, penetration testing, or Red Team) and 3+ years in ISO 27001 implementation and audits.
- Proven track record of leading VAPT engagements across web, mobile, API, network, cloud (AWS / Azure / GCP), and wireless environments.
- Hands-on experience executing Red Team operations and adversary emulation aligned with MITRE ATT&CK.
- Deep proficiency with offensive security tooling: Burp Suite Pro, Metasploit, Cobalt Strike (or open-source equivalents like Sliver, Mythic, Havoc), Nmap, Nessus, Nuclei, BloodHound, Impacket, Responder, and OWASP ZAP.
- Strong scripting and exploit development skills in Python, PowerShell, Bash, and at least one compiled language (C/C++, Go, or Rust).
- Proven hands-on experience leading an organization through ISO 27001 certification and surveillance audits end-to-end.
- Strong working knowledge of ISO/IEC 27001:2022 (including Annex A controls), ISO 27002, ISO 27017, ISO 27018, and ISO 22301.
- Solid understanding of security domains: IAM, network security, endpoint security, cloud security, application security (OWASP Top 10, API Security Top 10), and Active Directory attack paths.
- Experience with risk assessment methodologies (ISO 27005, NIST 800-30) and the ability to translate offensive findings into business risk.
- Strong report-writing, policy-drafting, and executive communication skills.
- Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience).
Preferred Qualifications
- Offensive security certifications: OSCP, OSEP, OSWE, OSED, CRTO, CRTP, CRTE, CRTL, GPEN, GXPN, GWAPT, or CEH Practical.
- Governance certifications: ISO 27001 Lead Implementer and/or Lead Auditor, CISSP, CISM, CISA, or CRISC.
- Cloud security certifications (CCSP, AWS Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer).
- Published CVEs, security research, bug bounty achievements, or contributions to open-source security tools.
- Experience with Active Directory / Entra ID red teaming, Kerberos attacks, and modern EDR/XDR evasion techniques.
- Experience with container, Kubernetes, and serverless security testing.
- Experience implementing or auditing additional frameworks: SOC 2 Type II, NIST CSF, NIST 800-53, HITRUST, or PCI-DSS.
- Experience with GRC platforms (Vanta, Drata, Sprinto, ServiceNow GRC, Archer, OneTrust).
- Experience in regulated industries: financial services, healthcare, SaaS, or critical infrastructure.
- Experience briefing executive leadership, customers, and external auditors on offensive findings and remediation strategy.
Total Yrs. of Experience
12+
Relevant Yrs. of experience
12 years
Detailed JD (Roles and Responsibilities)
Role – SAP AR/FSCM Expert
- Proven ability to engage with business process owners to understand the business needs and priorities, lead requirement gathering and analysis, and design solutions
- In depth knowledge of AR/FSCM (Collections, Dispute, Credit Management) along with upstream processes
- Solid SAP configuration experience in: FI (GL, AR), FSCM, integration with SD, incoming payments matching.
- Experience in implementing large and complex SAP Projects, solution build, configuration and delivery to meet business requirements.
- Expert hands-on experience in developing WRICEW based on business requirements
- Preferred to have experience in cash matching apps e.g. FS2 Auto bank
- Preferred to have experience with middleware e.g. SAP PO and API technologies
Preferred to have experience with SAP Solution Manager
Mandatory skills
FSCM
Desired/ Secondary skills
FICO and FSCM
Domain
Finance
WFO/WFH/Hybrid WFO
Hybrid
environment.
● 2+ years experience with developing microservices and micro
frontends with modern javascript frameworks
● Knowledge of relational and non-relational databases.
● Experience with hybrid mobile & web applications for one or
more platforms
● Strong understanding of back-end, front-end and continuous
integration technologies
● Full stack understanding of web/mobile/API/database
development concepts and patterns.
● Familiarity with various stacks & programming languages.
- Working on scalability, maintainability and reliability of company's products.
- Working with clients to solve their day-to-day challenges, moving manual processes to automation.
- Keeping systems reliable and gauging the effort it takes to reach there.
- Understanding Juxtapose tools and technologies to choose x over y.
- Understanding Infrastructure as a Code and applying software design principles to it.
- Automating tedious work using your favourite scripting languages.
- Taking code from the local system to production by implementing Continuous Integration and Delivery principles.
What you need to have:
- Worked with any one of the programming languages like Go, Python, Java, Ruby.
- Work experience with public cloud providers like AWS, GCP or Azure.
- Understanding of Linux systems and Containers
- Meticulous in creating and following runbooks and checklists
- Microservices experience and use of orchestration tools like Kubernetes/Nomad.
- Understanding of Computer Networking fundamentals like TCP, UDP.
- Strong bash scripting skills.
Apply here:
Please note, this is a freelance position on contract basis. We prefer full-time writers, though part-timers can also apply.
* Excellent selling, communication & negotiation skills.
* Time management and organizational skills.
* Ability to create and deliver presentations tailored to audience needs.
* Relationship management skills and openess to feedback.
You are a motivated and energetic rockstar full stack developer. Go-getter, think out of box to create awesome front-end (jQuery or ReactJS) and back-end (APIs) of an application platform.
Skills:
- Develop web apps using jQuery or ReactJS, HTML5, CSS3, Bootstrap, PHP Advanced, any MVC framework and Ajax.
- Hands on knowledge of Adobe Photoshop
- Experience of setting up a production workflow with git and cloud deployment will be plus.
- Knowledge of web technologies such as NodeJS, ReactJS, VueJS etc will be plus
// must have a strong understanding of UI, cross-browser compatibility, general web functions and standards.
// willingness to learn and improvise skills
// "NEVER SAY NO" attitude towards new and challenging projects
// good verbal and communication skills
// excel in a fast-paced startup-like environment. Should be goal-orientated and be able to work without any supervision or mentorship.







