Information Security (OSCP) Specialist

About the job Information Security (OSCP) SpecialistJob Role: Information Security Specialist (Application Security)Job Purpose Statement:We are looking for a skilled Professional for VAPT, Application Security, Offensive Security & compliance profile. The ideal candidate will have experience in Network basics, Security understanding of all OSI layers, SAST, DAST, Mobile apps, Web apps, OWASP Top 10, SANS 25, CWE, CVEs understanding. The candidate should have Minimum 10 years of Experience in relevant profile with high quality process writing and documentation experience.Principal Accountabilities:Strong expertise on preparing reports, presentations in WORD and PPTEnsure compliance to the business agreement, policies, procedures, & regulations along with ability to map controls and compliance requirements.Point out weaknesses and risks associated with the implemented security measuresPerform security risk analysisApplication security based on OWASP Top 10 standards.Vulnerability Assessment using Tenable, Offensive Penetration TestingUnderstand business requirements, perform threat modelling, present dashboard & risks to ManagementUnderstanding Of ISMS/BCMS/NIST any other compliances for securityCoordination with different stakeholders for explaining and mitigating the risksStrong expertise on SAST/DAST tools such as Burp, HP Webinspect, Fortify etc.Red teaming/Blue teaming experience will be an added advantageAbility to support the deployment of security controlsPerforming Security Awareness sessions, mentoring team etc.Must have expertise to lead and participate in Security drillsShould have ability to lead the end-to-end application security, VAPT or any other assigned projects from Technical stand point.Network and Network Security basics understandingWorking knowledge in: HTTP Protocol, Network security including; LAN / WAN security, TCP/IP Protocol, Unix / Wins security, Firewalls IntrusionMonitoring and analyzing network traffic and application logs.Investigating intrusion attempts and performing analysis of exploitsStrong understanding of adversary motivations like cybercrime, cyber hacktivism, cyberwar, cyber espionage, and the difference between cyber propaganda and cyber terrorismStrong understanding of databases, operating systems, networks, and tool developmentQualification/ Experience:A Bachelor of Science in Computer Science major in Information Systems.OSCP/OSCE is mandatoryMinimum 10 years of experience required.#J-18808-Ljbffr