VAPT|| 4 To 6 || Bengaluru

Capgemini Engineering

1mo ago

Job
Full-time
Mid & Senior Level
Engineering
IT & Cybersecurity

AI generated summary

You should have VAPT experience, knowledge of OWASP Top 10, expertise in tools like Qualys WAS, Burp, and Nmap, plus scripting skills. Strong communication and CEH certification are essential.
You will conduct vulnerability assessments, perform penetration testing, utilize tools like Qualys and Burp, analyze security threats, and communicate findings to developers and management.

Requirements

Experience in vulnerability Management and Penetration Testing.
Hands-on Experience in Qualys WAS tool, and understanding the functionalities and capabilities of the tool.
Strong Knowledge of OWASP Top 10 and other security standards.
Hands-on experience with testing frameworks in line with Web Application, Thick Client, Mobile, Web Services/APIs, Networks.
Experience in both commercial and open-source tools like: Burp Professional, Nmap, Kali, Metasploit, Fuzzing, sqlmap, XSShunter,etc
Experience with Open Web Application Security Project (OWASP) 2021, Open-Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.
Experience in preparing a security threat model and associated test plans.
Experience in translating complex vulnerabilities into simpler procedures for web application developers, systems administrators, and management to understand security testing results.
Knowledge of current information security threats & Good understanding of best practices and standards.
In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred.
Excellent communication skills both written and verbal.
Critical thinking and good problem-solving abilities.
Certification on CEH (Certified Ethical Hacker).

Responsibilities

Experience in vulnerability Management and Penetration Testing.
Hands-on Experience in Qualys WAS tool, and understanding the functionalities and capabilities of the tool.
Strong Knowledge of OWASP Top 10 and other security standards.
Hands-on experience with testing frameworks in line with Web Application, Thick Client, Mobile, Web Services/APIs, Networks.
Experience in both commercial and open-source tools like: Burp Professional, Nmap, Kali, Metasploit, Fuzzing, sqlmap, XSShunter,etc.
Experience with Open Web Application Security Project (OWASP) 2021, Open-Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.
Experience in preparing a security threat model and associated test plans.
Experience in translating complex vulnerabilities into simpler procedures for web application developers, systems administrators, and management to understand security testing results.
Knowledge of current information security threats & Good understanding of best practices and standards.
In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred.
Excellent communication skills both written and verbal.
Critical thinking and good problem-solving abilities.
Certification on CEH (Certified Ethical Hacker).

FAQs

What is the job title for this position?

The job title is VAPT.

What is the required experience range for this role?

The required experience range is 4 to 6 years.

Where is this job located?

This job is located in Bengaluru.

What are the key skills required for this position?

Key skills include experience in vulnerability management and penetration testing, hands-on experience with various security tools, knowledge of OWASP Top 10, and excellent communication skills.

Is knowledge of programming or scripting languages necessary for this job?

Yes, in-depth knowledge of application development processes and at least one programming or scripting language is preferred.

Are certifications important for this role?

Yes, a certification such as CEH (Certified Ethical Hacker) is important for this role.

Will there be opportunities for professional growth in this position?

Yes, Capgemini Engineering offers a career full of opportunities and the chance to make a difference.

Does the company have a diverse workforce?

Yes, Capgemini has a responsible and diverse group of 340,000 team members across more than 50 countries.

What kind of projects will I be working on?

You will work on innovative projects across various industries, including digital and software technology services.

Can you explain the importance of the OWASP Top 10 in this role?

The OWASP Top 10 outlines the most critical security risks to web applications and is essential for understanding vulnerabilities that may affect systems.

Capgemini Engineering

Capgemini Engineering, the leader in engineering and R&D services, helps clients unleash their R&D potential.

Technology

Industry

10,001+

Employees

Mission & Purpose

World leader in engineering and R&D services, Capgemini Engineering combines its broad industry knowledge and cutting-edge technologies in digital and software to support the convergence of the physical and digital worlds. Coupled with the capabilities of the rest of the Group, it helps clients to accelerate their journey towards Intelligent Industry. Capgemini Engineering has 60,000 engineer and scientist team members in over 30 countries across sectors including Aeronautics, Space, Defense, Naval, Automotive, Rail, Infrastructure & Transportation, Energy, Utilities & Chemicals, Life Sciences, Communications, Semiconductor & Electronics, Industrial & Consumer, Software & Internet. Capgemini Engineering is an integral part of the Capgemini Group, a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2023 global revenues of €22.5 billion.