Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
Application Security group is responsible for ensuring that Fidelity applications are designed, developed and deployed securely. The role will involve working closely with development groups to ensure secure design, development and implementation of services and components. As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy.
Role and Responsibilities
- Carry out application, network, systems and infrastructure penetration tests·
- Evaluate and select from a range of penetration testing tools·
- Keep up to date with latest testing and ethical hacking methods·
- Perform web application scan using appscan and burpsuite.·
- Report on findings to a range of stakeholders using a risk based methodology·
- Make suggestions for security improvements·
- Understand the business requirements, evaluate potential products / solutions and provide technical recommendations.
- Be “hands on” with technology and to contribute to the design, development and support of projects with the Security recommendations.
- Provide diligent and competent service to customers by delivering an impartial and accurate service with Integrity, honesty and in accordance with the Information Security Policy and Standards
- Willing to work in 24/7 operations and project support activities
Required Technical and Professional Expertise
- 3+ years commercial experience in Penetration Testing with knowledge including;
- OWASP Top 10, SANS Top 25,
- Web Application Security Testing and VAPT·
- 3+ years commercial experience in any of the following areas: Network Security Testing; Vulnerability Assessment; Mobile Application Security Testing·
- Highly desirable would be any experience in OSCP or Red Team Assessment·
- Proven oral and written communication skills and able to contribute to meetings and discussions.·
- Proactive and able to work autonomously as well as a team·
- The ability to work to agreed deadlines·
- Strong attention to details·
- Ability to work at detailed and abstract levels.
- Track record of delivering commitments on time and quality.
Preferred Technical and Professional Expertise
- CEH/OSCP/CREST/GPEN or equivalent certifications ideal
- Professional Qualification : CEH, ECSA, LPT or Any other equivalent certification.
- Focused and versatile team player that is comfortable under pressure
- Ability to remove barriers and enable teams to complete their objectives
- Excellent problem-solving and critical-thinking skills
- Understanding of emerging technologies and corresponding security threats
- Self-motivated, flexible, with a ‘can do’ attitude.
- Solid influencing skills
- Ability to pick up business knowledge, new technology areas, new processes/methodologies and apply these changes in the day-to-day working to improve Security organisation.