19 ene
Nagarro Group
Xico
Full-timeService Region: MexicoCompany DescriptionWe are a Digital Product Engineering company that is scaling in a big way!
We build products, services, and experiences that inspire, excite, and delight.
We work at scale — across all devices and digital mediums, and our people exist everywhere in the world (19000+ experts across 33 countries, to be exact).
Our work culture is dynamic and non-hierarchical.
We are looking for great new colleagues.
That is where you come in!Job DescriptionWe are looking for a Sr. security professional with experience performing security testing (Pen testing)
of Applications and Cloud Environments and articulating the findings in an easily consumable manner to the various internal stakeholders.You should have exposure to work as a security advisor/consultant for client organizations.
Capability to think out-of-the-box and work as a security advisor for client organizations is key to this role.QualificationsMust have Skills: Penetration Testing, Vulnerability Management, Cyber Risk Consulting.Overall 8+ years of experience in the cyber security domain.4-5 years of experience in application security testing of web and mobile applications (Android + iOS), API, and infrastructure (cloud, network, and server).Should have at least 3 years of experience in a security consulting role working as a consultant and/or advisor to the client.Thorough knowledge of the OWASP framework and testing guide.Hands-on knowledge of Pen testing, red team exercises, and bug hunting.Knowledge of SSO and OAuth 2.0 flows.Should be able to perform assessments to detect open shares and non-compliant AD accounts.Should be well versed with the following tools: Burp Suite, Postman, VirtualBox, Kali Linux, Metasploit, Android Studio (AVD), Scripting, Tenable, AWS, Azure, GCP, DAST,
and SAST solutions, Snowflake, and data modeling concepts.Good to have skills:Security certifications i.E.
OSCP, OSWE, CCSP are a plus.Experience in cloud security.Exposure to SIEM and SOC side of the security ecosystem.Working experience in an advisory/consulting role for CISO organizations.Exposure to DB scripting, data extraction, and dashboarding will be a key advantage.Should be good at performing Security Testing of the following: Web Application, API, Mobile applications (Android + iOS), Infrastructure (Server + Network), AWS, Azure, and GCP environments.Pen Testing and Red team exercises against assigned target scope.Write automation and PoC scripts from time to time.Pentest Identity Provider (IdP) integrated applications with SSO and OAuth.Good To Have Skills: Snowflake, Database Design - General Experience#J-18808-Ljbffr
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.