JD – VAPT
Vulnerability Assessment & Penetration Testing (VAPT):
Must have knowledge of –
- Network architecture
- Server architecture
- Application architecture
Network VAPT
- The candidate must have deep knowledge in carrying out VAPT of the following network elements:
- Firewalls
- Core routers
- Core switches
- Wi-fi networks
- Windows servers
Web Application VAPT
Candidate must have experience in carrying out web application based VAPT.
Mobile Security
The candidate must be adept at carrying out mobile security testing covering aspects like app VAPT, Mobile app, Server VAPT and preferably some knowledge of mobile code review for popular platforms like IOS/Android.
Cloud Infrastructure & Application Security
Infrastructure Vulnerability scans
Platform specific testing experience would be an added advantage (e.g. VA PT of AWS, Azure)
Tools Experience
- Nmap
- Nessus
- Burp suite
- Masscan
- Accunetix
- Air crack ng
- Air Snort
- Metasploit
- Maltego
- Shodan
- OWASP ZAP
- ADB
- IPAD file explorer
- Kali Linux
- Wireshark
- Live CDs like Kitana
- Scripting and coding experience (optional – good to have)
- Python
- PHP
- BASH