About the Role
Responsibilities:
Vulnerability Assessment: Conduct comprehensive assessments of systems, networks, and applications to identify potential vulnerabilities and weaknesses that could be exploited by malicious actors.
Penetration Testing: Perform controlled cyber-attacks, attempting to exploit identified vulnerabilities, in order to test the effectiveness of the organization's security measures.
Network Analysis: Analyze network traffic and configurations to pinpoint security gaps, misconfigurations, and potential entry points for attackers.
Application Security Testing: Evaluate the security of web applications, mobile apps, and other software for vulnerabilities like SQL injection, cross-site scripting, and insecure authentication mechanisms.
Social Engineering: Utilize social engineering techniques to assess an organization's susceptibility to manipulation and unauthorized access through human interactions.
Report Generation: Document and communicate findings, vulnerabilities, and potential risks in clear and concise reports that can be understood by both technical and non-technical stakeholders.
Remediation Recommendations: Provide actionable recommendations and strategies to address identified vulnerabilities and enhance the overall security posture of the organization.
Security Awareness: Collaborate with internal teams to educate and raise awareness about security best practices and potential threats.
Stay Current: Keep up-to-date with the latest security threats, vulnerabilities, and attack techniques to adapt and evolve testing methodologies accordingly.
Compliance and Regulations: Ensure that security testing practices adhere to industry regulations, compliance standards, and legal requirements.
Ethical Considerations: Conduct all testing in an ethical and responsible manner, respecting the organization's privacy and legal boundaries.
Requirements
Requirements:
Technical Skills: Proficiency in using various penetration testing tools, vulnerability scanning tools, and network analysis tools. Strong understanding of operating systems, networking protocols, and application security concepts.
Certifications: Industry-recognized certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), or related certifications are often required or highly regarded.
Problem-Solving: Ability to think creatively and strategically to identify potential security gaps and devise ways to exploit them.
Communication: Excellent written and verbal communication skills to effectively convey technical findings and recommendations to both technical and non-technical stakeholders.
Ethical Mindset: Strong ethical grounding and a commitment to responsible disclosure and protection of sensitive information.
Team Player: Collaboration skills to work with cross-functional teams including developers, IT personnel, and management to implement security improvements.
Continuous Learning: A proactive attitude toward staying updated with the rapidly evolving cybersecurity landscape.
Penetration testing is a critical function in ensuring the security of digital systems and maintaining the trust of customers and partners. Penetration testers play a pivotal role in helping organizations identify and address vulnerabilities before they can be exploited by malicious actors.
About the Company
Acess Meditech Private Ltd. (AMTPL) is an InsureTech Software Solutions Provider. We serve Insurance companies, Third Party Administrators, Aggregators and Insurance Brokers with cutting edge ERP solutions, helping the world’s leading insurers to innovate, collaborate and operate like a tech company: fast, simple and agile. Acess Meditech Private Limited (AMTPL) is appraised as CMMI Level- III (Capability Maturity Model Integrated Level -3 Company) from 2014 to 2016. Our head office is in Hyderabad, India, and we operate branches in KSA and UAE.