Vulnerability assessment & Penetration testing (VAPT)

Company: Deloitte

Location: Bengaluru, Karnataka, India

LinkedIn post

What impact will you make?

Every day, your work will make an impact that matters, while you thrive in a dynamic culture of

inclusion, collaboration and high performance. As the undisputed leader in professional services,

Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full potential

Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full

potential.

The Team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being

secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at

how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk

at the start of strategy development for more effective management of information and technology

risks.

Learn more about our Cyber Risk Practice.

Work you’ll do

As a part of our Risk Advisory team you’ll build and nurture positive working relationships with

teams and clients with the intention to exceed client expectations. You’ll:

• Serves as technical lead or subject matter specialist on Cyber Security Assessment projects

covering either vulnerability assessment & penetration testing, network security

architecture review, secure configuration / code review, etc.

• Demonstrates ability to work independently on projects with limited supervision and also

lead small team with the assistance from Managers

• Demonstrates understanding of complex business and information technology management

processes

• Demonstrates working knowledge of firm tools and methodologies that may be suitable for

the engagement

• Manages day-to-day client relationships at mid and lower levels.

• Lead practice development initiatives

The key skills required are as follows:

• Understanding of basic business and information technology management processes

• Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches,

and network architecture

• Experience of Web Application Security Testing, Infrastructure VAPT, API testing,

Mobile Testing (iOS & Android).

• Experience on Cloud (AWS & Azure) Configuration and Red Teaming.

• Experience in conducting Firewall and Network Devices Configuration Review and

configuration reviews of Windows, Linux, UNIX, Solaris, Databases, etc.

• Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose,

Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc.

• Experience in basic scripting such as: Shell, Python, PERL, etc.

• Basic knowledge of Technoilogies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring,

WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun

NetManage, Cisco Works, Radius, Big Brother, F5.

Risk Advisory Cyber: Attack Surface Management (ASM)

• Experience in data protection technologies such as encryption, PKI, tokenization, data

discovery, data masking, data redaction, etc.

Additional Skills

• Experience on Source Code Review.

• Experience on Network Security Architecture Review, End Point Security, Product

Security.

• Strong knowledge on Malware Analysis, Patch Management, Threat Profiling,

Container, Dockers.

• Strong analytical and communication skills (written, verbal and presentation)

• Open to learn new tools and technologies as per the project requirement

• Interactive with team members and confident during client meetings, under the guidance of

senior members of the project

• Initiative & drive

• Be deadline-oriented and quality-focused

• Demonstrates knowledge of one or more industry or functional area

• Familiarity with industry standards and frameworks such as OWASP, CIS, NIST ISO27001,

etc.

• Demonstrates basic knowledge of security and privacy controls and risk management

processes

• Demonstrates basic knowledge in one or more Cyber Threat Management domains such as:

Threat Management, Cyber Operations/Fusion Managed Services, Malware Analysis,

Collective Threat Intelligence and Cyber Risk Sciences, Incident Management and Forensics,

Data Protection solutions.

Qualifications and Certification

• B.Tech/M.Tech

• Candidates must possess security certification of CEH, LPT, OSCP.

• Good to have security certification for GPEN, CREST

Your role as a leader

At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to

embrace and live our purpose by challenging themselves to identify issues that are most important

for our clients, our people, and for society and make an impact that matters.

In addition to living our purpose, across our organization:

• Builds own understanding of our purpose and values; explores opportunities for impact

• Demonstrates strong commitment to personal learning and development; acts as a brand

ambassador to help attract top talent

• Understands expectations and demonstrates personal accountability for keeping

performance on track

• Actively focuses on developing effective communication and relationship-building skills

• Understands how their daily work contributes to the priorities of the team and the business

How you’ll grow

At Deloitte, our professional development plan focuses on helping people at every level of their

career to identify and use their strengths to do their best work every day. From entry-level

Risk Advisory

Cyber: Attack Surface Management (ASM)

employees to senior leaders, we believe there’s always room to learn. We offer opportunities to

help build world-class skills in addition to hands-on experience in the global, fast-changing business

world. From on-the-job learning experiences to formal development programs at Deloitte

University, our professionals have a variety of opportunities to continue to grow throughout their

career. Explore Deloitte University, The Leadership Center.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer

employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Our purpose

Deloitte is led by a purpose: To make an impact that matters.

Every day, Deloitte people are making a real impact in the places they live and work. We pride

ourselves on doing not only what is good for clients, but also what is good for our people and the

communities in which we live and work—always striving to be an organization that is held up as a

role model of quality, integrity, and positive change. Learn more about Deloitte's impact on the

world

Recruiter tips

We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the

organization and the business area you’re applying to. Check out recruiting tips from Deloitte

professionals.

To take the next step and join our progressive and motivated team.