Role Purpose

CIVICA India is seeking a Penetration Tester to join a security testing team providing a range of penetration testing services, including application, infrastructure and cloud penetration tests.

You will proactively identify weaknesses and vulnerabilities in the security posture, simulate threats and recommend controls and procedures. You will be a key contributor to the organisation, performing ethical hacks of Civica’s applications and systems.

Requirements

Principal Accountabilities

Key Responsibilities and Duties:

• Carry out application, network, systems and infrastructure penetration tests
• Evaluate and select from a range of penetration testing tools
• Keep up to date with latest testing and ethical hacking methods
• Perform web application scan using acunetix and burpsuite.
• Perform Web application and mobile application security testing.
• Report on findings to a range of stakeholders using a risk based methodology
• Make suggestions for security improvements
• Comply with corporate processes including Civica’s ISO 27001 management systems
• Support development teams with the implementation and running of penetration tests as per the Civica Secure SDLC
• Essential Competencies
  • Must have minimum 2 + years of relevant experience
  • Good in oral and written communication skills and able to take part in meetings and discussions.
  • Proactive personality and able to work autonomously.
  • Good team player.
  • The ability to work to agreed deadlines.
  • Should be a detailed oriented.
  • Ability to work at detailed and abstract levels.
  • Ability to guide junior team members.
  • Self-learner.
  • Track record of delivering commitments on time and quality.
  • Good leadership quality.
  • CEH/OSCP/CREST/GPEN or equivalent certifications
• 1 OWASP top 10 2 +
• 2 Web application security Testing 2 +
• 3 SANS 25 2 +
• Highly Desirable
• 4 Network Security Testing 2 +
• 5 Penetration Testing 2 +
• 6 Vulnerability Assessment 2 +
• 7 Mobile Application Security Testing 2 +