Information Security Auditor jobs in Mumbai - Cyber Security

Apply Now View All Jobs by this Recruiter

  • Job View 77 Views
  • Applicants Less than 5 Applicants
  • 2019-06-20

Job Description

Requirements : CISA (Certified Information Systems Auditor) Certification required.

- To conduct IT audits for enterprises and advanced penetration tests to identify vulnerabilities in computer systems, which could be penetrated by malicious intruders.

- Requires the ability to analyze risk assessment and put in place measures to control vulnerable areas. Must simulate breaches to network security and develop measures to lock down areas of risk.

- To perform the indicated preventive, corrective and protective measures to safeguard systems before an actual breach can occur.

- Provide Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security.

- Conduct audits or lead audit teams in performance of IT audits and reviews of systems, applications and IT processes. Prepare and report results to executives and clients.

- Perform pre and post- implementation reviews of system implementations or enhancements.

- IT security audits (e.g. network, operating system and data center), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.

- Evaluate information on general computing controls . Test compliance with those controls.

- Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.

- Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness, (including for risk assessments). Ultimately be a source for analytics that business units adopt to provide business insights or for continuous auditing.

- Prefer candidaters possessing experience with auditing of Banks IT infrastructure.

- Must have sound knowlegde of PCI DSS, ISO 270001 and other frameworks

Key Skills

Industry

IT-Hardware & Networking / IT-Software / Software Services

Functional Area

IT Software - Others

Number of Vacancy

1

Education

Higher Secondary


About Cyber Security

- To conduct advanced penetration tests (VA/PT) to identify vulnerabilities in computer systems, websites and applications.
- The candidate must have the ability to analyze risk assessment and put in place measures to control vulnerable areas. The ethical hacker must simulate breaches to network and IT security and develop measures to lock down areas of risk.
- The candidate must be able to perform preventive, corrective and protective measures to safeguard the system before an actual breach can occur
- Should there be a breach in a system, the candidate should possess the skills to respond to said breach.
- The candidate must be proficient with VA/PT, especially manual testing. Candidates who are less reliant on tools and automation are preferred.
- Hands on experience with tools like burpsuite as well as manual testing is essential.
- Candidate should have practical knowledge of IDS, IPS and Wi-Fi hacking.
- CEH certification or an equivalent is required. If the candidate does not have a certification, then he must be highly skilled with solid practical experience in VAPT and security assessments.
- Knowledge of Reverse Engineering, Malware Analysis, Shellcoding and Exploit Writing are a plus.
- The candidate is expected to communicate effectively with Clients and perform live demos
- Experience with Bug Bounty and Hall of Fame
- Provide Mitigation of a Particular vulnerabilities
- Experience with hacking gadgets
- Proficient in any one Scripting Languages (Python, Ruby, C) (Please note : In our experience, most candidates claim to be proficient in the aforesaid programming languages but do not pass a basic verbal test on the same)
- Assisting in Security Audits
- Experience with Security Framework like Metasploit, Burpsuite etc.
- Freshers should have sound theoretical and practical experience
Depending on the profile, selected candidates will get to work closely with security and forensic professionals as well as leaders of the industry

Learn more...

read more
Apply Now

Similar Jobs



Career Insights For Your Growth