IN_Senior Associate_ VAPT _Security Testing_ Advisory _Chennai
IN_Senior Associate_ VAPT _Security Testing_ Advisory _Chennai
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Line of Service
AdvisoryIndustry/Sector
FS X-SectorSpecialism
RiskManagement Level
Senior AssociateJob Description & Summary
At PwC our people in audit and assurance focus on providing independent and objective assessments of financial statements internal controls and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls.Those in internal audit at PwC help build optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation co-sourcing outsourcing and managed services using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise in areas like cyber forensics and compliance to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption and obtain confidence to take risks to power growth.
Why PWC
At PwC you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work powered by technology in an environment that drives innovation will enable you to make a tangible impact in the real world. We reward your contributions support your wellbeing and offer inclusive benefits flexibility programmes and mentorship that will help you thrive in work and life. Together we grow learn care collaborate and create a future of infinite experiences foreach other. Learn more about us.
At PwC we believe in providing equal employment opportunities without any discrimination on the grounds of gender ethnic background age disability marital status sexual orientation pregnancy gender identity or expression religion or other beliefs perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary:
In-depth knowledge of application development processes and at least one programming and one scripting language (e.g. Java Scala C# JavaScript Angular ReactJs Ruby Perl Python Shell). Knowledge on OS security (Windows Unix/Linux systems Mac OS VMware) network security and cloud security.
Responsibilities:
Preferred Knowledge/Skills: Requirement Criteria: Graduation in EC or CS or IT or Information Security or Cyber Security or MCA. Working experience as a Penetration Testing Expert for 5 year(s) Hands on experience with security testing frameworks such as the PTES OWASP OSSTMM SANS. In-depth knowledge of application development processes and at least one programming and one scripting language (e.g. Java Scala C# JavaScript Angular ReactJs Ruby Perl Python Shell). Knowledge on OS security (Windows Unix/Linux systems Mac OS VMware) network security and cloud security. Hands on experience in BurpSuite Nessus Checkmarx Acunetix and Kali Linux penetration testing tools etc. Knowledge on Threat Modelling Source Code Reviews Secure Architecture Reviews One of the certifications OSWE/OSCP/OSCE/eJPT/CPENT- ECCouncil /LPT(Licensed Penetration Tester-ECCouncil)/GPEN(GIAC Penetration Tester)/ GWAPT(GIAC Web Application Penetration Tester) is mandatory (preferably OSCP) High Level Responsibilities: Security testing of mobile applications web applications APIs etc. Perform SAST DAST & VAPT with new standards from time to time. Review sufficient security controls are in place as per but not limited to clients policy industry best practice/process and regulatory requirements. Identify the Individual Application security risk portfolio / threats. Gaps identified along with
recommendations to be submitted in Customized reports as requested by client. Review of API/middleware/SFTP etc. interfaces between applications. Develop/Review Baseline document for OS/Application Security/ API. Review the security architecture of various applications deployed/to be deployed (including cloud based) and assess risk associated and suggest mitigation & resolution. Evaluation/Security Assessment of open-source applications. Vetting of Network and data flow Diagrams with respect to security aspect for new applications in co-ordination with the vendors and clients. Review application architecture data flow diagram network diagram database configuration crypto standards. Perform Application threat modeling. Gap assessment of the Cloud applications solutions platforms process to fill the gaps. Education: Minimum Qualification: BE/ BTech/MBA/Mtech/MCA (Non Mechanical) Postgraduates in any stream would be preferred (not mandatory)
Mandatory skill sets:
vapt and (oscp or EJPT or OSWE or CPENT or GPEN or GWAPT or OSCE) and security and Penetration Testing and mobile
Preferred skill sets:
ISO
Years of experience required:
5 Years
Education qualification:
BE ME MCA (non mechanical)
Education (if blank degree and/or field of study not specified)
Degrees/Field of Study required: Master of Engineering Bachelor of Engineering Bachelor of Technology Master DegreeDegrees/Field of Study preferred:Certifications (if blank certifications not specified)
Required Skills
Penetration TestingOptional Skills
Accepting Feedback Accepting Feedback Accounting and Financial Reporting Standards Active Listening Analytical Thinking Artificial Intelligence (AI) Platform Auditing Auditing Methodologies Business Process Improvement Communication Compliance Auditing Corporate Governance Creativity Data Analysis and Interpretation Data Ingestion Data Modeling Data Quality Data Security Data Transformation Data Visualization Embracing Change Emotional Regulation Empathy Financial Accounting Financial Audit 24 moreDesired Languages (If blank desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship
NoGovernment Clearance Required
NoJob Posting End Date
Required Experience:
Senior IC
Employment Type
Full-Time
