<p></p><p><b>Description :</b><br/><br/>About the job :<br/><br/>Location : Remote<br/><br/>Work Type : Full time<br/><br/><b>About Us</b><br/><br/>Scrut Automation is a one-stop shop for infosec compliance.<br/><br/>It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%.<br/><br/>Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience.<br/><br/>The Scrut platform provides the fastest solution for achieving and maintaining compliance across global standards, including but not limited to SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, or CCPA, through its 'single window' operations.<br/><br/>Scrut acts like an organisations virtual CISO, so they can focus on their business and leave compliance to Scrut.<br/><br/>We are proliferating and looking to build a strong team to join us on this journey,<br/><br/><b>Responsibilities :</b><br/><br/>- Conduct Vulnerability Assessments of Web Application, Mobile Application (IOS and APK) Source Code Review and Network Devices using various open-source and commercial tools<br/><br/>- Conduct penetration tests and launch exploits using Burpsuite, Nessus, etc penetration testing distribution tools sets<br/><br/>- Research and maintain proficiency in Application and Computer Network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption.<br/><br/>- Analyze scan reports and suggest remediation/mitigation plan<br/><br/>- Keep track of new vulnerabilities on various network and security devices for different vendors<br/><br/><b>Pre-Requisites :</b><br/><br/>- Experience in Application and Network vulnerability scanning and penetration testing<br/><br/>- Experience with Nessus, NMAP, Metasploit, Burpsuite, OWASP Zap and similar<br/><br/>- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, and Gateway security solutions (proxy, web filtering)<br/><br/>- In-depth understanding of Common Vulnerability Exposure (CVE)/ Cert advisory database<br/><br/>- Self-starter and ability to deliver under defined timelines<br/><br/><b>Requirements :</b><br/><br/>- Certifications like CEH, CPT,LPT, EJPT, CCNA, OSCP preferred<br/><br/>- At least 2-5 years in the field of IT Security Services<br/><br/>- Graduate degree<br/><br/>- Broad background in networks, operating systems (Windows, Unix, Linux), firewalls and security engineering concepts;<br/><br/>- Knowledge of scripting languages (C++, C#, Perl, CGI, HTML, Java, TCL, Shell) will be added advantage<br/><br/><b>Why should this job excite you ?
</b><br/><br/>- Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India<br/><br/>- Flat-hierarchical, performance-driven culture<br/><br/>- Rapid growth and learning opportunity<br/><br/>- Comprehensive medical insurance coverage<br/><br/>- A high-performing action-oriented team<br/><br/>- Immense exposure to the founders and the leadership<br/><br/>- Opportunity to shape the future of the B2B SaaS team with YOUR innovative ideas<br/><br/>- The competitive compensation package, benefits, and employee-friendly work culture<br/></p><br/><p></p> (ref:hirist.tech)