Senior Information Security Engineer
Infosys · Bengaluru East, Karnataka
Infosys · Bengaluru East, Karnataka
Conduct network/ System vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and provide appropriate remediation plans for mitigation of the identified vulnerabilities. Conduct Application vulnerability assessments for web applications / SAP applications, identify and report vulnerabilities, provide recommendation and track closure of identified vulnerabilities. Perform Configuration compliance assessments for Endpoints / Assets /network devices and help maintain the security settings at compliant level with Specific Security Standards Performing comprehensive review and threat adversary modelling for web applications Perform penetration testing for Infrastructure assets, Applications, IOT and network devices on a defined frequency Good understanding of OSI layers and fundamental Operating system concepts, security settings for various flavors of Windows and Linux platforms Strong understanding of Information security concepts Sound knowledge about infrastructure vulnerability scans, identifying security vulnerabilities, weaknesses, threats and assessing related risks that exists within an IT Infrastructure or business processes Sound knowledge about Application vulnerability assessments: DAST, SAST for web applications/ SAP applications and relevant knowledge of OWASP top 10 vulnerabilities Ability to write scripts using python/ Dotnet/ Java as and when required during assessments Added Advantage: certification like OSCP, CISSP, CISA Self-starter, positive mentality and a go getter attitude mandatory Strong verbal and written communications skills mandatory, including creative writing skills Strong people and negotiation skills mandatory Quick learner, a researching mentality and ability to adapt to and meet demands of a fast-changing environment