Security Brigade is looking for a Security Researcher who will be working with ShadowMap tool which is an internal security tool & manage on-site clients for long-term.
Objective of this Role
- Analyze attack surface management tool which contains web & mobile application alerts, data leaks, dark web & exposed code repositories.
- Assist clients by creating a presentation which summarizes vulnerability findings & perform penetration testing on the same.
- Demonstrate POC to the clients & collaborate with their developers to mitigate those findings.
Required Skills
- Excellent knowledge of Web Application Penetration Testing
- Hands-on practice of OWASP Top 10 vulnerabilities
- Familiarity with Cyber Security measures & OWASP Top 10 Proactive Controls
- Experience with solving labs such as Hack The Box, TryHackMe or PortSwigger
Great to have
● Any certifications related to Web Application Penetration Testing.
● Familiarity with offensive toolkits used for network and web application penetration testing.
● Familiarity with offensive and defensive security concept.
Candidate Profile / Criteria :
TLDR – Passion > Education
We don’t require a B Tech or BSc degree, but plenty of the team has them. We always look at capabilities and experience first.
About Security Brigade:-
Security Brigade is a pure-play information security consulting firm specializing in manual testing. Founded on the core belief that “Great audits are done by great auditors not expensive tools”,
Security Brigade’s approach is built around strong processes that enable auditors to conduct in- depth manual security audits.
Security Brigade is based out of Mumbai, India and was founded in December 2006. It conducts thousands of audits a year for organizations such as: MakeMyTrip, Network 18, Tata Group, HDFC, Vodafone, IRDA, Reliance Money, Netmagic Solutions among many
others.
For more information, visit www.securitybrigade.com
Security Brigade a CERT-In empanelled founded on the core belief that “Great audits are done by great auditors – not expensive tools”. Our proprietary E.D.I.T.E platform provides a workflow-based testing engine that encapsulates the complete audit process. It allows expert auditors to focus on indepth manual testing while assisted by a combination of proprietary, open-source and commercial technology.