YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.

At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.

We are looking forward to hire Application Security Professionals in the following areas :

Position Name: Lead Consultant - VMS, AppSec & PT

Description

YASH is a Digital services enabler organization delivering vast portfolio of digital services to customers across the globe. Our topline services include Cybersecurity services. We are looking for a candidate with strong security testing skills pertaining to Vulnerability Management, Application Security Testing and Penetration Testing. This role will be part of vibrant YASH’s Cybersecurity services team.

As an VMS, AppSec & PT Expert, you will be responsible for assessing and driving the security of different types of applications developed in client environment. Work with development teams or vendors to detect, prioritize and remediate security flaws within the applications. Collaborate with IT and the business to identify and implement appropriate software development related security controls.

Position: Lead Consultant - VMS, Application Security and Penetration Testing

Number: 01

Location: Across India

Total Experience:  8 – 10 years

How do you grow and be successful:

At YASH, we will offer all support to grow in your career. At the very beginning you will receive a deep knowledge of the current VMS, AppSec & PT practice after your onboarding is completed. You will be measured on the positive contribution in delivering the services to our customers.

All our employees will have global exposure from day 1. We will offer you the chance to learn multiple security technologies and solution training programs. Our career path program will reach the highest positions and make a global career to aspiring candidates.

Key responsibilities

• Strong experience in Vulnerability Management, Application Security & Penetration Testing.
• Strong experience of penetration testing methodologies, tools, and techniques (e.g., OWASP Top 10, Metasploit, Burp Suite).
• Strong experience of vulnerability management practices using tools such as Qualys, Nessus and other
• Experience in external & internal network testing.
• Ability to identify security vulnerabilities and provide actionable remediation recommendations.
• Collaborate with development and operations teams to integrate security best practices into the SDLC (Software Development Lifecycle).
• Prepare detailed reports & presentations for both technical and non-technical stakeholders.
• Continuously research & evaluate new tools and techniques to enhance the penetration testing process.
• Strong written & verbal communication skills for effective reporting and stakeholder engagement.

Qualifications:

• Bachelor’s or Master’s Degree (IT, Computer Science, Cybersecurity, Telecommunications, Engineering, etc.)
• 5 -7 years equivalent experience
• Experience with software penetration testing, architectural risk assessment, threat modelling, static code analysis and secure code review
• Experience with network penetration testing, firewalls configuration, network architecture and security
• Experience in manual penetration testing of websites, APIs and networks using a variety of tools and technologies
• Strong experience with vulnerability assessment across different infrastructure components and working with resolver group to prioritize & remediate.
• Experience in testing network isolation, escalation of privileges, authentication, expanding the attack surface and exploiting vulnerabilities
• Experience securing applications on a myriad of platforms and languages including Java, .Net, Angular, etc.
• Experience with a variety of testing tools, including: HCL AppScan, Burp Pro Suite, Veracode, Qualys Suite, NMAP, Metasploit, Kali Linux, Wireshark and OWASP ZAP.
• Understanding of common Web Application vulnerabilities like XSS, CSRF, and others.
• Experience in identifying and resolving false positive findings in assessments
• Firm understanding of networks, operating systems and data-center architecture.
• Familiarity with cloud technologies (IaaS, PaaS, SaaS, containers) on Google, Azure and AWS environments
• Experience performing Red Team, Blue Team Operations is a strong plus.

Other requirements

• Travel will be required on need basis.
• You will be working during client business hours based on the project you will be allocated into.
• Office reporting is flexible and encourage hybrid working for this role. However, reasonable reporting into office for project meetings and client meeting attendance is mandatory.
• All working days reporting may be subjected to project or organization demand.
• Ability to work in global distributed setting without supervision
• Self-driven, Proactive, Systems Thinking
• Strong organizational, personal discipline and time management skills to manage multiple tasks and changing priorities.
• Ability to properly handle confidential information and personnel-related matters
• Strong process-oriented skills for troubleshooting, problem solving and problem resolution
• Ability to work with others to deliver and provide a high level of service
• Strong communications skills both verbal and written with the ability to talk to both business and technical people

At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.

Our Hyperlearning workplace is grounded upon four principles

• Flexible work arrangements, Free spirit, and emotional positivity
• Agile self-determination, trust, transparency, and open collaboration
• All Support needed for the realization of business goals,
• Stable employment with a great atmosphere and ethical corporate culture