VAPT-Consultant

Department – Security & Privacy ServicesPosition Type – Full time – PermanentRole SummaryLooking for experienced consultants to join the S&P team at Protiviti. The role involves executing and managing various client engagements. Though based in UAE, resources may travel across client locations in the Middle East.The applicant will be responsible for assessing the security posture of client systems, platforms, and processes to improve the confidentiality, integrity, and availability of information systems in line with client’s business objectives, regulatory requirements, and strategic goals.ResponsibilitiesProvide innovation within the Vulnerability and Penetration Testing (VAPT) program regarding both process and technology.Serve as a Subject Matter Expert (SME) for the Attack & Pen function.Perform authorized attack surface reviews, penetration tests, and red team assessments.Provide assessment reports that are understandable by the target audience and include practical recommendations based on sound risk management principles.Update standards and procedures to continually improve security posture.Assess the sufficiency of policies, standards, and procedures relative to security best practices.Contribute to security-related information repositories and other business development activities.Mentor junior team members and provide consultation to peer groups.QualificationsBachelor’s Degree in Computer Science or substantial equivalent.2 to 6 years of professional experience in information security with a focus on technical assessments.Knowledge of pen testing concepts and best practices.Experience with common Pentesting tools such as Nessus, Appscan, Burp Suite, Nipper, Exploit Pack, etc.Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.Ability to validate identified vulnerabilities accurately.In-depth understanding of OWASP, CVE, general security controls, and topics like the latest application and operating system exploits.Knowledge of scripting and programming languages like Python, shell script, etc.Preferable certifications: GIAC GPEN, GWAPT, CREST, OSCP, OSWP, OSCE.Personal SkillsAbility to maintain critical thinking and composure under pressure.Strong written and oral communication skills in English, able to convey complex concepts to a business audience.Ability to be productive and focused with minimal supervision.Understands VAPT in the context of risk management and organizational priorities.#J-18808-Ljbffr