Information Security Consultant VAPT

• Posting Date: 06/07/2022
• Ref: 200744
• Position: Information Security Consultant VAPT
• Location: Jordan
• City: Amman
• Sector: IT Services
• Years of Experience Senior
• Qualification: Bachelor’s degree in computer science / IT
• Salary: Market rate
• Workdays:
• Description:
  • Conduct cyber-attack simulations as part of the RED team activity
  • Conduct Vulnerability Assessment and Penetration Testing and configuration review for network, web application, mobile application, and thick-client application
  • Conduct configuration reviews for OS, DB, Firewall, Routers, Switches, and other security devices/components
  • Perform manual testing of web applications
  • Conduct source-code review using automated and manual approaches
  • Prepare detailed reports
  • Ensure timely delivery of status updates and final reports to clients
  • Handle Clients queries
  • Keep oneself updated on the latest IT Security news, exploits, hacks
  • Prepare Threat Intelligence reports for newly discovered threat agents, exploits, attacks
  • Locate weaknesses and vulnerabilities of IT/OT systems, web applications, mobile applications, etc. through vulnerability assessment and penetration testing (VAPT), red-teaming, and other techniques
  • Conduct security analysis on weaknesses and vulnerabilities discovered
  • Conduct risk analysis on security findings
  • Recommend and advise customers on steps to enhance the security of IT/OT systems
  • Prepare and present reports to customers
  • Able to conduct Network Vulnerability Assessment with correct setup and installation
  • Able to draft Network Vulnerability Assessment information request list for pre-engagement
  • Able to draft Network Vulnerability Assessment report
  • Able to provide Network Vulnerability Assessment recommendations
  • Able to conduct Web and Network Penetration Test with correct setup and installation
  • Able to draft Web and Network Penetration Test information request list for pre-engagement
  • Able to draft Web and Network Penetration Test report
  • Able to provide Web and Network Penetration Test recommendations
  • Able to conduct host configuration review (HCR)
  • Able to draft/update host configuration review (HCR) template
  • Able to draft host configuration review (HCR) report
  • Able to provide host configuration review (HCR) recommendations
  • Able to create scripts for each of the host configuration reviews (HCR)

  Certification: OSWE, OSCP, CRTP
  More