EY Risk _ VAPT, Senior in Trivandrum, India
Risk _ VAPT, Senior
Requisition # IND00BFA
Post Date 6 days ago
About the team :
Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Network Security, Architecture review, Application Security Review,
Attack and Penetration testing,
Experience in penetration testing of Web Applications (Java, J2EE, .NET,IIS, PHP, ASP),
Vulnerability Assessment and Exploits,
Secure Programming, Application Code Review,
Mobile applications security assessment
Database technologies (SQL, Oracle)
Database Architecture review and vulnerability assessments
Database exploits (database dump,)
Assess the security risk of identified events and alert.
Analysis of the Patches released by the vendors.
Review operational logs and event console activity to determine cause of security-related events or to identify potential security related events
Raising incident tickets in the incident tracker tool.
Implementation of SIEM tools and platforms
Configure and fine tune various configuration parameters for SIEM tool
ISO 27001 readiness and implementation for different clients
Perform information security risk assessments
Plan and execute Application controls and IT General controls review
Conduct SOX (Sarbanes Oxley Act)–ITGC audits
Develop and review security policies, standards and procedures
Advisory offerings on Business continuity and Disaster recovery