Senior Security Analyst
About Cyber Security Works:
Cyber Security Works (CSW) founded in 2008 is the pioneer and leader in the field of cybersecurity. CSW is a state-of-the-art facility for research and development in advanced cyber security products and services. Using applied research, we provide services to ensure a secure cyber ecosystem for financial institutions, healthcare, government entities, e-commerce, start-ups and many more. CSW is the first PCI -ASV (Approved Scanning Vendor) in India, has been empanelled with Cert-In since 2009 and has 11 CVEs credited to CSW lab. We cater to several global, private and governmental organizations. A few services we offer are, continues vulnerability assessment and penetration testing (VAPT), ransomware assessment, malware assessment for network, web applications and mobile that are of the highest standards. Our forte lies in application security, network security, and IT compliance.
- Role: Senior Security Analyst
- Education: B-Tech / MCA/M-Tech
- Experience: 3-5 years
- Location: Chennai / Mumbai
Key Tasks and Responsibilities:
- Perform application/network penetration testing, vulnerability assessments and source code reviews.
- Profile an application/network, identifying threats, and developing test cases to target identified threats.
- Identify and exploit vulnerabilities in applications and networks.
- Manage project timelines, deadlines and expectations – including client interactions.
- Prepare reports documenting identified issues based on internal templates.
- Interact with clients to deliver results, provide feedback and remediation recommendations on findings.
- Research emerging security topics and new attack vectors.
- Perform and review hardening of the systems and network devices.
- Monitoring of Critical Security alerts and reporting (IPS/ WAF/ Antivirus / Proxy Etc…) and performing log review from critical devices.
- Send advisories on new security alerts (Malware / Spywares etc..).
- Proficient in python development (Other scripting language like perl, ruby etc. is added advantage).
- Development knowledge of common programming languages like java, asp .net, php etc. is added advantage.
- Excellent oral and written communication skills.
- CEH, ISO 27001 LA or any equivalent security certifications would be a plus.
- Awareness on tools like Acunetix, App Scan, Burp Proxy, Sql Map, nessus, nexpose, nmap, kali linux, Metasploit etc would be a plus.