- Experience in vulnerability assessments and penetration testing using manual testing techniques, scripts, commercial tools and open source tools (e.g. Kali Linux, BackTrack 4/5, SET Toolkit, War Dialing, SQL Injection, Web Application Testing, Onapsis, Metasploit, Wireless tools, Nessus, Qualys, etc.)
- Experience in vulnerability assessments and penetration testing for web applications using various manual testing techniques, scripts and commercial tools (e.g. AppScan, Nikto, Burp Suite, Acunetix, Qualys, etc.)
- Knowledge of secure coding practices, software-based vulnerabilities and mitigation strategies, as well as application security testing techniques, methodologies and code analysis tools (Veracode, AppScan, Fortify)
- Track threat actors and associated tactics, techniques, and procedures (TTPs) by capturing intelligence on threat actor TTPs and developing countermeasures in response to threat actors.
- Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs and honeypots
- Network reconnaissance and open source intelligence (OSINT) gathering
- Strong knowledge of operating systems e.g. Microsoft, Linux, iOS, Android etc.
- Strong knowledge of web development and programming languages e.g. Java, .NET, Python, etc.
- Strong knowledge of web application technology, e.g. Application Servers, Web Servers, Databases
- Strong knowledge of Web Application vulnerability exploitation, including but not limited to the OWASP
- Strong knowledge of security-related standards and threat identification and evaluation techniques (e.g. NIST 800-30, Microsoft STRIDE/DREAD)
- Must be willing to travel up to 60-70%
- OSCP, OSCE, GPEN, GWAPT, CEH, LPT, etc.
Candidates should be flexible and willing to work across this delivery landscape, which includes, but is not limited to, Agile Applications Development, Support and Deployment.
Applicants for employment in the US must have valid work authorization that does not now require sponsorship of a visa for employment authorization in the US by Capgemini.
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.
Click the following link for more information on your rights as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law
With more than 190,000 people, Capgemini is present in over 40 countries and celebrates its 50th Anniversary year in 2017. A global leader in consulting, technology and outsourcing services, the Group reported 2016 global revenues of EUR 12.5 billion (about $13.8 billion USD at 2016 average rate). Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness.
Learn more about us at www.capgemini.com.