Job Description
As a Security Consultant, you will be working under the Security Service section.
Job Responsibilities
As a Security Consultant, you are responsible to: –
i. Perform Network Vulnerability and Conducting security assessments and such as penetration test on web and mobile application, block chain security product development
ii. Conducting secure code reviews
iii. Create measures for customers to eliminate security vulnerabilities
iv. Performing tests of architectural concepts and create design patterns
v. Conduct IT security awareness seminars and training
vi. Creation of security concepts
vii. Keep updated on knowledge of the IT security industry: including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques and tools
viii. Perform Blackbox / Graybox testing of Web/Mobile/Thick client applications
ix. Risk Evaluation of observed vulnerabilities based on common risk scoring techniques such as CVSS
x. Knowledge-share with team on techniques and results
xi. Create detailed report of findings and recommendations after testing is completed and present to stakeholders
xii. Coordinate with developers/stakeholders on the findings for appropriate fixes
xiii. Prepare proposals / statement of work (SOWs) and respond to RFPs by articulating NERA’s Security value proposition against the customer defined requirements and propose winning solutions
xiv. Uses in-depth solution knowledge to provide technical expertise to sales staff and the customer through sales presentations and product demonstrations for building new relationships, driving opportunities, and defining innovative security solutions to our customers
xv. Engaging customers and partners, capturing requirements, proposing technical solution, and overseeing the selection of technologies/products, scoping and estimating resources and effort needed to deliver the business value solutions to the customer successfully and achieving high level of customer satisfaction – to own and manage the whole process
xvi. Research and develop appropriate working solution and value proposition, engaging with the respective solution principal and services partner (including our MSS product team and professional services), to address customer requirement
xvii. Be the solution owner, taking lead and working with cross-functioning team including professional services, product management, sales and marketing to drive the development of market-driven solution and services, and also for marketing events
xviii. Ensure personal technical, communication and commercial skills are kept up to date to ensure successful execution of role, e.g. maintaining CPE, attending training, webinars
Qualifications:
- Min Diploma and preferable Certified in OSCP, OSWE, OSCE
- Experience performing security testing of web / mobile applications
- In-depth knowledge of Web/iOS/Android architecture and their underlying security mechanisms.
- Experienced with performing Web/Mobile Applications Pentest, Source Code Review and Infrastructure Pentest
- Experienced with performing red teaming / blockchain security test as a plus