Senior Systems Engineer- Pen Tester

More Options

Bangalore, Karnataka, India
map-icon
14406
6263790

To apply, email this job to yourself and open on a desktop to submit your application.

Job ID: 14406

Purpose & Overview:
This position is for an individual contributor (no direct reports) to join our Information Security team. This individual will play a key role in maintaining and continuing to enhance the security of our network and systems. This associate will join a global information security team with team members concentrated in Bangalore India and Columbus Ohio. The Penetration Tester will collaborate closely with the our application support and development teams, our network infrastructure teams, and our server administration teams to identify and implement solutions for maintaining our company’s security.

Responsibilities:
* Security Appliance Administration (SIEM & DLP rule writing, and managing spam)
* Maintain current alerts to reflect current threat environment
* Create complex correlation rules.
* Respond to intel (threat feeds) as they come in, preparing actionable alerts for any indicators found
* Writing preventative rules
* Responsible for conducting tests on the alerts that are created
* TVM (Threat Vulnerability Management) including automated security testing on Projects
* Risk/Threat ranking.
* Perform gap analysis on what is and what isn-t being scanned
* Maintain and communicate exception list
* Triage and respond to issues that may have been caused by a scan
* Maintain scan exclusion list and ensure they are added to the risk register
* Ensure TVM reports are distributed to the appropriate channels to take action
* Review monthly and quarterly reports generated by Analyst 1
* Conducts initial false positive review
* Penetration Testing including Red Team exercises and manual security testing on Projects
* Prepare Red Team exercise activity strategy
* Participate in Red Team exercises
* Prepare final report
* Support creation of remediation plan for vulnerable systems
* Perform OS and network level testing
* Web Assessments
* Validate TVM results when needed
* Validate reports on pentest findings
* Configuration Scanning
* Troubleshoot and remediate issues with policies, deployment, or console
* Provide recommendations for needed policy changes to reflect current threat landscape
* Update the risk register to reflect variants to MSBs and to aggregate MSBs
* Partner with SOC/TVM teams to identify intrusions and malware to determine conclusions/solutions to prevent future issues
* Support for security event and incident response
* Support incident response process on an as needed basis
* Always on call to collaborate on response to perceived or actual threat
Qualifications:
* 5-7 years of related security experience
* Bachelors Degree in Information Technology/Information Security or equivalent experience in technology
* Understanding of networking applications and multiple platforms
* Understand of how to exploit and leverage vulnerabilities
* Understanding of security controls and how they are used to prevent and detect attacks
* Ability to correlate a security threat to a business impact
* Strong communication skills and customer service experience
* Security Certifications preferred such as CISSP

loading