Salary
2 Million INR - 0 INR
Desired Experience
Cybersecurity Penetration Tester R&D Job Description Overview: ▪ Lead engagements from kickoff with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. ▪ Minimum 3+ years of experience in product penetration testing. ▪ 3+ years of experience in web, mobile (Both Android & iOS) and thick client penetration testing domains. (Recommended to have expertise in more than 1 domain) ▪ Perform exploit and vulnerability research on Schneider electric products. ▪ Knowledge of TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. ▪ Knowledge of at least one scripting language such as python, shell script, ruby, javascript etc. ▪ Research fuzz testing tools and conduct penetration test on a variety of Schneider Electric products via communication interfaces such as Modbus, Wi-Fi, Bluetooth, and others. ▪ Ability to develop detailed PoCs, train product team and promote security awareness. ▪ Stay up to date on the latest exploits and security trends. Who Are We The Schneider Electric Global Security Lab (GSL) performs testing to ensure that we deliver more secure products to our customers. Our Global Security Labs in Bangalore, India; Shanghai, China and Grenoble, France provide Code Scanning services and Penetration Testing services. Schneider Electric’s Global Security Lab is accredited by CREST for pen-test. Requirements
Key Skills
Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. ▪ OSCP, OSCE, SANS GPEN, GXPEN, CRTE, CPSA, CRT or CEH certified. ▪ Good understanding of emerging technologies such as IoT and 5G ▪ Knowledge of programming languages such as C, C++, Java, .Net or Javascript. ▪ Ability to learn and adapt quickly ▪ Knowledge of Windows and Linux, basic security, and networking principles. ▪ Knowledge of reverse engineering tools, debuggers, and dynamic analysis techniques. ▪ Knowledge of OWASP, NIST, MITRE CWE etc. One or more of the following may serve as a distinct advantage (not strictly required): ▪ Hardware debugging skills ▪ Familiarity with testing embedded devices, OT/IoT protocols. ▪ Basic reverse engineering skills (Familiarity with IDA Free, Ghidra, etc.) ▪ Basics of ARM exploitation.
Primary Qualification
Any
Additional Qualifications
Not Specified
Job Description
Designation:Penetration Testing
RESPONSIBILITIES
Primary Responsibilities:
Additional Responsibilites:
CANDIDATE PROFILE
Min Experience:3
Max Experience:6
Work Experience Desired:Cybersecurity Penetration Tester R&D Job Description Overview: ▪ Lead engagements from kickoff with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. ▪ Minimum 3+ years of experience in product penetration testing. ▪ 3+ years of experience in web, mobile (Both Android & iOS) and thick client penetration testing domains. (Recommended to have expertise in more than 1 domain) ▪ Perform exploit and vulnerability research on Schneider electric products. ▪ Knowledge of TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. ▪ Knowledge of at least one scripting language such as python, shell script, ruby, javascript etc. ▪ Research fuzz testing tools and conduct penetration test on a variety of Schneider Electric products via communication interfaces such as Modbus, Wi-Fi, Bluetooth, and others. ▪ Ability to develop detailed PoCs, train product team and promote security awareness. ▪ Stay up to date on the latest exploits and security trends. Who Are We The Schneider Electric Global Security Lab (GSL) performs testing to ensure that we deliver more secure products to our customers. Our Global Security Labs in Bangalore, India; Shanghai, China and Grenoble, France provide Code Scanning services and Penetration Testing services. Schneider Electric’s Global Security Lab is accredited by CREST for pen-test. Requirements
Primary Skills:Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. ▪ OSCP, OSCE, SANS GPEN, GXPEN, CRTE, CPSA, CRT or CEH certified. ▪ Good understanding of emerging technologies such as IoT and 5G ▪ Knowledge of programming languages such as C, C++, Java, .Net or Javascript. ▪ Ability to learn and adapt quickly ▪ Knowledge of Windows and Linux, basic security, and networking principles. ▪ Knowledge of reverse engineering tools, debuggers, and dynamic analysis techniques. ▪ Knowledge of OWASP, NIST, MITRE CWE etc. One or more of the following may serve as a distinct advantage (not strictly required): ▪ Hardware debugging skills ▪ Familiarity with testing embedded devices, OT/IoT protocols. ▪ Basic reverse engineering skills (Familiarity with IDA Free, Ghidra, etc.) ▪ Basics of ARM exploitation.
Optional Skills:1. Hosted Solution ( Web , Cloud and API)
2. Mobile Application ( Android and iOS)
3. Thick Client Application
4. OT and ICS Pentest
Additional Requirements:Profile of Perumal we have interviewed recently from another vendor and not shortlisted . Please share the profile of candidates with pratical pentest certifications
CEH , Security+ .. are not pratical pentest certification . Examples of Pratical pentest certification are Offensive Security OSCP , OSCE , CREST CRT , CRTP..
Posted On
20-Nov-2023 04:36:43 PM
|
