Security Researcher

cybersecurity
November 28, 2024
RS70,000 - RS80,000 / month
Full Time
Urgent
Application deadline closed.

Job Description

As a Security Researcher, you will be responsible for identifying and analyzing vulnerabilities, developing proof-of-concept exploits, and conducting in-depth research to improve our security products and protocols. You will collaborate with cross-functional teams to identify emerging threats and provide actionable intelligence that shapes the future of cybersecurity.

Responsibilities

  • Penetration Testing: Conduct thorough penetration tests on systems, networks, and applications to identify security weaknesses.
  • Vulnerability Assessment: Identify, document, and report vulnerabilities across internal and client systems, including evaluating security flaws in infrastructure and software.
  • Threat Analysis: Research and analyze emerging cybersecurity threats to provide proactive security measures.
  • Security Evaluation: Review and assess security protocols, practices, and systems to identify areas of high-risk or potential breaches.
  • Report Writing: Prepare detailed vulnerability and penetration test reports, outlining findings, risk assessments, and suggested mitigation strategies.
  • Client Interaction: Meet with clients to understand their existing security landscape, perform security evaluations, and provide recommendations for improving their security posture.
  • Mitigation and Upgrades: Suggest and implement measures to mitigate identified vulnerabilities, including proposing upgrades and security improvements.
  • Collaboration: Work closely with development teams to integrate security measures into the software development lifecycle (SDLC).
  • Post-Implementation Testing: Conduct follow-up testing after security fixes or new feature deployments to ensure vulnerabilities have been addressed effectively.

Required Skills

  • Good development skills in building automatic vulnerability testing code
  • Deep knowledge of vulnerability assessment and penetration testing methodologies.
  • Proficiency in common programming/scripting languages (e.g., Python, Bash, PowerShell, or similar) for automating security testing.
  • Knowledge of OWASP Top 10 vulnerabilities and how to mitigate them.
  • Familiarity with network security protocols, firewalls, VPNs, and encryption technologies.
  • Hands-on experience with web application security and network security.

Preferred:

  • Familiarity with compliance frameworks such as PCI DSS, ISO 27001, and GDPR.
  • Knowledge of cloud security and security practices in AWS, Azure, or GCP environments.