Security Specialist

  • Thiruvananthapuram
  • Knitt
Job Title:

Security Assessments & SOC Specialist - Vulnerability Assessment & Penetration Testing

Position Summary: A highly skilled Security Assessments & SOC specialist with a focus on Vulnerability Assessment (VA) and Penetration Testing (PT). The specialist is responsible for managing and executing security assessments to identify and mitigate risks across the customer organization’s IT infrastructure. This role involves leading a team of security specialists, conducting assessments, and working closely with other IT teams to ensure the security of customer systems and data.

Key Responsibilities:

Leadership and Team Management:

Lead and manage a team of security specialists responsible for conducting vulnerability assessments and penetration testing. Provide mentorship and guidance to team members to enhance their skills and ensure high-quality assessments.

Vulnerability Assessment:

Oversee the regular scanning and assessment of IT assets, including networks, systems, and applications, to identify vulnerabilities. Ensure that assessments are comprehensive and aligned with industry best practices.

Penetration Testing:

Conduct or supervise penetration testing to identify security weaknesses and potential exploit paths. Simulate cyber-attacks to assess the effectiveness of security controls and provide actionable recommendations.

Risk Management:

Analyze the results of vulnerability assessments and penetration tests, prioritize risks based on potential impact, and work with relevant teams to implement remediation strategies.

Security Assessment Strategy:

Develop and maintain a security assessment strategy, including selecting appropriate tools, methodologies, and frameworks for assessing the organization’s security posture.

Reporting and Documentation:

Prepare detailed reports on findings from security assessments, including vulnerabilities, potential impacts, and recommended mitigations. Present findings to senior management and stakeholders in a clear and actionable manner.

Compliance and Standards:

Ensure that all security assessments adhere to relevant industry standards (e.g., ISO 27001, NIST, PCI-DSS) and regulatory requirements. Support compliance efforts by providing necessary documentation and evidence.

Tool Management:

Manage and maintain security assessment tools and platforms, ensuring they are up to date and configured properly to deliver accurate results.

Continuous Improvement:

Stay updated on the latest security threats, vulnerabilities, and trends. Continuously improve assessment techniques and processes to address evolving security challenges.

Collaboration:

Work closely with other IT and security teams to ensure that vulnerabilities are effectively communicated and addressed. Support incident response efforts when vulnerabilities are exploited.

Training and Awareness:

Provide training and awareness programs to internal and external customer teams to help them understand security risks and the importance of vulnerability management.

Qualifications:

Education:

Bachelor's degree in Cybersecurity, Information Technology, or a related field. A Master's degree is preferred.

Experience:

Overall 10+ years of relevant IT experience, including 5+ years of experience in cybersecurity, with a focus on vulnerability assessment and penetration testing. Previous management or leadership experience is highly desirable.

Certifications:

Relevant certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), CISSP (Certified Information Systems Security Professional), or similar are strongly preferred.

Technical Skills:

  • Proficiency in conducting vulnerability assessments and penetration tests using tools such as Nessus, Qualys, Burp Suite, Metasploit, etc.
  • Strong understanding of network and system security, including firewalls, intrusion detection/prevention systems, and encryption technologies.
  • Familiarity with various types of attacks, such as SQL injection, cross-site scripting (XSS), privilege escalation, and social engineering.
  • Knowledge of programming and scripting languages (e.g., Python, PowerShell, Bash) is a plus.
  • Experience with SIEM tools and security event correlation and analysis.
  • Experience with compliance frameworks such as ISO 27001, NIST, PCI-DSS.

Soft Skills:

  • Excellent analytical and problem-solving abilities.
  • Strong communication and reporting skills, with the ability to convey complex security issues to non-technical stakeholders.
  • Leadership skills with the ability to manage and inspire a team.
  • Ability to work under pressure and manage multiple priorities in a fast-paced environment.