Job Information
IBM Security Consultant - VAPT Lead in Mumbai, India
Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your role and responsibilities
Roles: As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy
Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools
Map out a network, discover ports and services running on the different exposed network and security devices
Analyze scan reports and suggest remediation/mitigation plan
Keep track of new vulnerabilities on various network and security devices for different vendors
Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices
Advanced technical analysis on intrusions
Audit configuration of Network and Security devices
Providing rich client specific reports
Required technical and professional expertise
Requirwed: Knowledge on VA tool such as Tenable
Should be able scan devices using VA tool
Should be able to prepare report based on VA tool
Should be able to explain the report to client based on the findings
Should have knowledge on Web Penetration & Network Penetration testing. Should have a skill to conduct Gray box & black box testing
Should worked on various PT tools such as Burp Suite, Acunetix, etc.
Should be able do SCD scanning for Windows & Linux
Should have good knowledge on OS such as Windows, Linux
Experience on network vulnerability scanning penetration testing
Experience with Nessus NetCat, NMAP Backtrack, Metasploit, , HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone)
Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering)
In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
Analytical thinker willing to "think outside the box" to resolve customer impacting situations on first contact; understand customer risk profile.
Self-starter and ability to deliver under defined time lines
Preferred technical and professional experience
Prefreed: Integrate Security into DevOps and enable security automation in CI/CD pipeline
Professional Qualification : CEH, ECSA, LPT or Any other equivalent certification.
Focused and versatile team player that is comfortable under pressure
Ability to remove barriers and enable teams to complete their objectives
Understanding of emerging technologies and corresponding security threats
Self-motivated, flexible, with a ‘can do’ attitude.
Ability to pick up business knowledge, new technology areas, new processes/methodologies and apply these changes in the day-to-day working to improve Security organization.
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.