Experience in IT security with exposure in the following areas
Vulnerability Assessment (PT & DAST)
Network VAPT/Systems/Host Security
Firewall, DLP, and End Point Security
API Security
Source Code Review (SAST)
Mobile App
Security Operations
Hands-on experience in Penetration and Vulnerability assessment (SAST & DAST), exposure to network and web application penetrating testing security standards, review, and reporting.
Hands-on experience on SAST and DAST engagements and sign-off process.
Architecture review and Threat Modeling before spinning up new environments, servers, and firewall rules.
Perform compliance control activities including requisite documentation, reporting, and testing
Provide daily technical, change management, and administrative support related to data, infrastructure, and application requests
Generate bi-weekly security report with recommendations to enhance security
Work with the change control review board and other stakeholders to coordinate security considerations within change management processes
Assist managers with the evaluation of technical solutions
Consult on assigned projects and initiatives regarding security best practices, risk mitigation, compliance obligation, and policy or standards implementation
Documenting and maintaining IT Security ops manuals and procedures
Good experience on OWASP Top Ten
24x5 monitoring and Active On-call member
Knowledge of Installation and Configuration of Security products, Security patches assist in log analysis.
Used manual Pen testing techniques & methods to gain a better understanding of the environment and reduce false negatives.
Posting jobs and monitoring, and analyze jobs in the production environment and server. Identify any issues and prioritize jobs.
High-level Security testing for unauthorized access of the application with valid and invalid data.
Self-motivated with good analytical abilities to comprehend things and carry out assignments in a prioritized manner.
Experience
Experience in IT security with exposure in the following areas
