Security Consultant

About the company:
Security Brigade is a pure-play information security consulting firm specializing in delivering high quality services through expert driven manual testing. Founded on the core belief that “Great audits are done by great auditors – not expensive tools”, Security Brigade’s approach is built around strong processes that enable auditors to conduct in-depth manual security audits. Security Brigade is based out of Mumbai, India and was founded in December 2006. It conducts thousands of audits a year for organizations such as: MakeMyTrip, Network 18, Tata Group, HDFC, Vodafone, IRDA, Reliance Money, Netmagic Solutions among many others.

Website: http://www.securitybrigade.com/

Job location: Mumbai

Desired Experience: 0-1 Years

Target Batch Passout: 2015/2016

Salary: INR 2.4 LPA- INR 3 LPA(Depending upon candidate’s experience and performance in the interview)             

Course Specialization: B.Tech(CS/IT)/BCA/BSC(CS/IT)

Tentative date of joining: Immediate

Tentative date of interview: Will be communicated post registration window is closed.

* The shortlisted candidates will be sent Admit Cards/Call Letters on their registered mail Id, which they will need to, carry on the date of Interview. No candidate will be entertained by the company without the formal intimation from Aspiring Minds.

Job Description and Skill Set Required :-

-Security Brigade is looking for talented Application Security Consultants who will be responsible for security assessments and penetration testing of application and enterprise environments as well as security research and development of security tools, processes and testing methodologies.
-Perform application penetration testing, vulnerability assessments and source code reviews.
-Profile an application, identifying threats, and developing test cases to target identified threats.
-Identify and exploit vulnerabilities in applications and networks.
-Manage project timelines, deadlines and expectations - including customer interactions.
-Prepare reports documenting identified issues based on internal templates.
-Interact with customers in a collaborative consultative manor to deliver results, provide feedback and remediation recommendations on findings.
-Research emerging security topics and new attack vectors.
-Write tools and scripts to automate technical processes and make audits more efficient.
-In-depth understanding of security issues, exploitation techniques and remediation measures.
-Ability to follow an in-depth manual testing process and not just run automated tools and copy paste results.
-Development knowledge of any current programming languages.
-Strong understanding of software and application security.
-Strong oral and written communication skills.
-Involvement in software community via OWASP, WASC, Null, ClubHack and/or open source development is highly desirable.
-Track record speaking at major security conferences such as OWASP Appsec, SANS Appsec, and Blackhat, Nullcon is highly desirable.
-Intercepting proxies (i.e. Burp Proxy, Charles Proxy, Webscarab Proxy, Paros Proxy, etc)
-Technically oriented workplace, work on a variety of interesting and challenging modules and projects, surrounded by hackers, coders and geeks.
-Casual clothes.
-Breakfast service to your desk.
-Full time cook will whip you up anything you can print a recipe for.
-Team environment, collaborative learning environment, transparent communications.
-Generally fun environment with lots of LAN gaming and hackathons in off hours.

Interview Process:
- Online Quiz
- Practical Audit
- Technical Interview (In-Person or via Skype)

Last Date To Apply: 10th October 2016