senior penetration tester
JOB DESCRIPTION
(NOTE- we are looking for those candidates who join immediately or notice period of within 15-20days)
• Job Scope
o Conduct penetration testing on internal website/system owned by EC-Council
o Produce a report and presentation to the system owner explaining the security
structure and the vulnerabilities of the system
o Conduct scoping for any new projects
o Research and recommend fixes for issues/vulnerabilities identified during the
penetration testing
o Create and update security test plan regularly according to the nature of the website
assigned
o Conduct research on new vulnerabilities and threats regularly to improve oneself
capabilities
• Minimum Requirements
o At least 3 year experience in conducting any three of the following
▪ Network Penetration Testing
▪ Mobile Application Penetration Testing
▪ Web Application Penetration Testing
▪ Source Code Review
▪ Writing, extending and modifying exploits, shellcode
▪ Reverse engineering malware, data obfuscation and ciphers
o Bachelor’s degree in IT security related field or equivalent
o Any (2) of the following certification ; OSCP, OSCE, OSEP, OSWE, CRT, LPT or
equivalent
o Proficiency in at least 1 programming language such as PHP, ruby, Python, Perl
o Strong understanding of encryption (SSL/TLS, PKI) and other authentication methods
o Good experience with tools used for penetration testing such as Metasploit,
BurpSuite, w3af, Kali Linux, SQLMap, Skipfish
o Excellent written and verbal communication skills, especially when dealing with
large reports and datasets with a high standard of documentation
o Mastery in linux/unix operating system and bash/Powershell
About This IT company is currently hiring for penetration testing.
Similar jobs
- Bachelor’s degree preferably in Engineering or equivalent professional or military experience with 10-15 years of experience.
- 5+ years of large-scale software development or application engineering with recent coding experience in two or more modern programming languages such as:Java,JavaScript, C/C++, C#, Swift, Node.js, Python, Go, or Ruby
- Experience with Continuous Integration and Continuous Delivery (CI/CD)
- Helping customers architect scalable, highly available application solutions that leverage at least 2 cloud environments out of AWS, GCP, Azure.
- Architecting and developing customer applications to be cloud developed or re-engineered or optimized
- Working as a technical leader alongside customer business, development and Development teams with support to Infrastructure team
- Providing deep software development knowledge with respect cloud architecture,design patterns and programming
- Advising and implementing Cloud (AWS/GCP/Azure) best practices
- Working as both an application architect as well as development specialist in Cloud native Apps architecture, development to deployment phases.
- Implementing DevOps practices such as infrastructure as code, continuous integration and automated deployment
Candidate MUST HAVE product-based company experience and a minimum of 3years of experience in DevOps.
What you will do (or learn) :
1. Build our application stack on AWS. Infrastructure as code (read Terraform)
2. Build state-of-the-art CI/CD pipelines.
3. Manage data warehouses and data pipelines.
4. Work on infrastructure and data security.
5. State-of-the-art log management system and tooling around them.
6. Monitoring and alerting system.
What do we expect from you?
1. 3 to 10 years of experience with DevOps or SRE principles.
2. Good fundamentals of database management and other distributed systems management.
3. Experience in infrastructure as code or other configuration management systems.
4. Experience in scripting languages (like bash, python, go lang etc.)
5. Good understanding of Linux systems
6. Strong debugging and troubleshooting skills
7. Experience in tooling around monitoring, CI/CD, log management systems.
Role
To us, a Technical Interviewer is a go-to person for technical interviews for any technology. This means that your duties will involve conducting technical interview rounds of candidates having a technical background of any kind.
The job of a Technical Interviewer is important to business success. Hiring the right talent is our most critical point and a vital aspect of a complete Technical Interviewer’s job description and specification.
Responsibilities
- Own full technical recruitment process including interviews, feedback, and building talent pipelines
- Identify the right talent for the organization
- Train and mentor new and existing interviewers
- Identify the gaps in the interview process and work on solutions
- Maintain a healthy candidate experience and build the employer brand
- To be up to date with new technologies
- Participate in various coding and technology-related challenges to gain knowledge
- Nurture a positive working environment
- Have a strong sense of ownership for assigned tasks and a willingness to go the extra mile when needed
- Is an effective communicator who can establish rapport with people at all levels
Qualifications
- Bachelor's Degree in BSc/BE/BTech in Computer Science, Engineering, or a related field
- General programming skills in languages like Java, Javascript, Ruby or equivalent.
- Proven working experience in the same profession or as a trainer
- People-oriented and results-driven
- The ability to work as part of a team
- Strong analytical and problem-solving skills
- Excellent administrative and organizational skills
- Effective communication skills
- Proven hands-on Software Development experience
At Upswing, we are committed to building a robust, scalable & secure API platform to power the world of Open Finance.
We are a passionate and self-driven team of thinkers who aspire to build the rails to connect the legacy financial sector with financial innovators through a simple and powerful banking-as-a-service (BaaS) platform.
We are looking for motivated engineers who will be working in a highly creative and cutting-edge technology environment to build a world-class financial services suite.
About the role
As part of the DevSecOps team at Upswing, you will get to work on building state-of-the-art infrastructure for the future. You will also be –
- Managing security aspects of the Cloud Infrastructure
- Designing and Implementing Security measures, Incident Response guidelines
- Conducting Security Awareness Training
- Developing SIEM tooling and pipelines end to end for vulnerability/security/incident reporting
- Developing automation and performing routine VAPT for Network and Applications
- Integrating with 3rd party vendors for the services required to improve security posture
- Mentoring people across the teams to enable best practices
What will you do if you join us?
- Engage in a lot of cross-team collaboration to independently drive forward DevSecOps practices across the org
- Take Ownership of existing, ongoing, and future DevSecOps initiatives
- Plan and Engage in Architecture discussions to bring in different angles (especially security angles) to the table
- Build Automation stack and tools for security pipeline
- Integrate different security measures and pipelines with the SIEM tool
- Conducting routine VAPT using manual and automated workflows, generating and maintaining the report for the same
- Introduce and Implement best practices across teams for a great security posture in the org
You should have
- Curiosity for on-the-job learning and experimenting with new technologies and ideas
- A strong background in Linux environment
- Proven experience in Architecting networks with security first implementation
- Experience with VAPT tooling for Networks and Applications is required
- Strong experience in Cloud technologies, multi-cloud environments, and best practices in Cloud
- Experience with at least one scripting language (Ruby/Python/Groovy)
- Experience in Terraform is highly desirable but not mandatory
- Some experience with Kubernetes, and Docker is required
- Understanding Java web applications and monitoring them for security vulnerabilities would be a plus
- Any other DevSecOps-related experience will be considered
Position: Oracle EBS Technical Lead - SCM
Experience: 6-8 Years
Location: Remote
Technical & Professional requirement:
Minimum 6 years of professional Oracle EBS experience in Oracle EBusiness Suite release 12.2.x or higher with
emphasis on modules Oracle Order Management, Oracle Advance Pricing, O2C cycle.
Must have ability to support customizations, develop process documents and share implementation plans and
best practices advice.
Experience with Web services, Alerts, PLLs, DFFs, module related APIs is a must
Extensive experience in Oracle database and development technologies such as Oracle Forms,
Oracle Reports, OAF/ADF framework, Workflow and BI Publisher
Oracle Database 11g or higher with strong experience in SQL and PL/SQL.
Exposure to SOA stack is a plus .
Good knowledge of basic Unix shell scripting will be added advantage
Strong technical knowledge with database design architecture. Ability to design and implement tables, views,
procedures, constraints, and relationships
Solve complex issues using methodical troubleshooting based on expert knowledge of Oracle
EBS applications functionality and technology
Ability to identify technical risks, present solutions to non-technical personnel and influence technical decisions.
Design, Development, Testing, Migration, Documentation.
Adhere and follow the Organization and Client Processes.
Support milestone events, defect resolutions, status updates etc.
Coordinate and participate in interaction with Functional counterparts and Users, Infrastructure team for
issues/configurations.
To qualify for the role, you must have
Minimum 6 Years of experience as EBS Technical Consultant
Oracle EBS R12 Technical, Sound knowledge of EBS, PL/SQL, Oracle Application Framework. Good understanding
of business flows – Oracle Order Management, Oracle Advance Pricing, O2C cycle.
Bachelor’s Degree in any engineering.
Basic:
Excellent ability to convince multiple stakeholders - internal and external
Good communication skills
Good presentation skills
Experience throughout the software development life cycle
Familiarity with Agile methodologies
Ability to interface directly with client
Roles and Responsibilities
- Managing Availability, Performance, Capacity of infrastructure and applications.
- Building and implementing observability for applications health/performance/capacity.
- Optimizing On-call rotations and processes.
- Documenting “tribal” knowledge.
- Managing Infra-platforms like Mesos/Kubernetes,CICD,Observability (Prometheus/New Relic/ELK),Cloud Platforms (AWS/ Azure),Databases,Data Platforms Infrastructure
- Providing help in onboarding new services with production readiness review process.
- Providing reports on services SLO/Error Budgets/Alerts and Operational Overhead.
- Working with Dev and Product teams to define SLO/Error Budgets/Alerts.
- Working with Dev team to have in depth understanding of the application architecture
and its bottlenecks.
- Identifying observability gaps in product services, infrastructure and working with stake
owners to fix it.
- Managing Outages and doing detailed RCA with developers and identifying ways to
avoid that situation.
- Managing/Automating upgrades of the infrastructure services.
- Automate toil work.
Experience & Skills
- 6+ years of total experience
- Experience as an SRE/DevOps/Infrastructure Engineer on large scale microservices and infrastructure.
- A collaborative spirit with the ability to work across disciplines to influence, learn, and
deliver.
- A deep understanding of computer science, software development, and networking principles.
- Demonstrated experience with languages, such as Python, Java, Golang etc.
- Extensive experience with Linux administration and good understanding the various
linux kernel subsystems (memory, storage, network etc).
- Extensive experience in DNS, TCP/IP, UDP, GRPC, Routing and Load Balancing.
- Expertise in GitOps, Infrastructure as a Code tools such as Terraform etc.. and
- Configuration Management Tools such as Chef, Puppet, Saltstack, Ansible.
- Expertise of Amazon Web Services (AWS) and/or other relevant Cloud Infrastructure
solutions like Microsoft Azure or Google Cloud.
- Experience in building CI/CD solutions with tools such as Jenkins, GitLab, Spinnaker,
Argo etc.
- Experience in managing and deploying containerized environments using Docker,
Mesos/Kubernetes is a plus.
Information Security Specialist
Notice Period: 45 days / Immediate Joining
Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA.
We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.
It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges.
Key Qualifications
· Design, deploy, and support Information Security Solutions provided by BDS
· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms
· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.
· Research and strategic analysis of existing, and evolving all IT and data security technologies
· Establish baselines to define required security controls for all infrastructure components and application stack
· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.
· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts
· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up
· Must be able to work a flexible schedule during off-hours
Key Skills & Qualification
· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance
· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)
· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk
· Exposure of the security audit tools on public cloud platforms
· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture
· Certified Ethical Hacker would be a plus
· Handling of Security audits is a must
· Proven interpersonal skills while contributing to team effort by accomplishing related results
· Passion for learning new technologies and the ability to do so quickly.
http://www.banyandata.com" target="_blank">www.banyandata.com
- 5+ Years of leading an engagement.
- 5+ Years developing and implementing security operations and technology in large, complex enterprises in multiple industry verticals, across a wide range of technology platforms.
- 4+ Years on any Cloud Platform (AWS, Azure, Google, others).
- Master's or Bachelor's degree in Information Science / Information Technology, Computer Science.
- Deep hands-on experience leading the design, development and deployment of business software at scale.
- Experience with service-oriented architectures, private and public clouds and web services security.
- Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls, Infrastructure and Network Security, Data protection, and Incident response.
- Professional experience and good technical knowledge of application security, system security, network security, authentication/authorization protocols, and cryptography.
- Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27xxx, SOC, HIPAA, GDPR, and NIST/DoD frameworks.
- Experience with enterprise risk management methods and techniques to drive successful outcomes in a global enterprise environment.
- Good understanding of Enterprise Networks, Security and Identity Access Management.
- Configuration management using CloudFormation and/or Chef/Puppet.
- Experience with agile approaches and Experience in DevOps or DevSecOps, and how they impact risk management and compliance.
- Hands-on technical expertise in technology automation, implementation, integration, and/or deployment using scripting and/or IaaC.
- Knowledge of professional software engineering practices & best practices for the full software development life cycle, including coding standards, code reviews, source control management, libraries building, build processes, testing, and operations.
- Demonstrated ability to mentor other software developers to maintain architectural vision and software quality.
- Experience taking a lead role developing complex software systems that have successfully been delivered to customers.
- Ability to travel to customer sites as needed.
PREFERRED QUALIFICATIONS:
- AWS Solutions Architect Certified.
- AWS Security Speciality Certified.
- CISSP, CCSP, CISM, and/or other comparable certifications.
- 5+ years of software development or site reliability engineering or equivalent experience
- Skilled at problem solving, algorithms, and data structures
- Building tools and scripting frameworks from scratch
- Working with Cloud Automation tools like CloudFormation, Terraform, CDK, aws-cli
- Scripting languages like Python, Groovy, PowerShell, Bash, Perl etc.
- Configuration automation using Ansible or equivalent tools
- Exposure to Windows, Linux administration skills
- Project management tools like Jira, Trello
- Prior experience in dealing with Datastore technologies like Postgres, MySQL, SQL, DynamoDB is desirable
- Familiarity with basic networking, security and cloud engineering concepts
- Team player who is eager to help others to succeed through mentoring and leading by example
- Highly collaborative with effective written and verbal communication skills