A.     VAPT Job description

1.      To carry out secure code reviews and to find out critical security flaws in the code

2.      Conduct vulnerability assessments of applications using various open source and commercial tools

3.      Conduct penetration test and launch exploits using Burpsuite, Nessus, Metaspoilt, Backtrack penetration testing distribution tools sets

4.      To carry out advanced technical analysis on application intrusions

5.      Analyze scan reports and suggest remediation / mitigation plan

6.      Providing rich client specific reports

7.      Hands on experience on Infrastructure, Networks, Web Application, Web Services/API, Databases, Mobile application, etc

8.      Demonstration of proof of concepts for exploits, manual penetration testing

9.      Knowledge on open source and commercial security assessment tools e.g. Burpsuit, Nessus, Appscan, nmap etc.

10.  Security configuration review of database /servers / firewalls / switches / routers, etc

11.  Knowledge of operating systems preferably windows, linux etc. network equipment’s system & network hardening

12.  Research and maintain proficiency in computer application exploitation, tools, techniques, countermeasures, and trends in computer application vulnerabilities

Primary Skills

·      Vulnerability Assessment and Penetration Testing for Infrastructure

·      Application Security

·      SAST

·      DAST

Secondary Skills

·      Certified with any technology such as CEH, CISSP, etc.