* Hands on experience on network device configuration / administration and operating system configuration.
* Experience in performing network and wireless vulnerability assessment / penetration testing.
* Strong knowledge of various commercial and open source tools like Nessus, Cisco, Snort, Symantec, Qualys, Core Impact etc.
* Knowledge on MSBs for various operating systems (Windows, UNIX, Cisco). Knowledge on databases like SQL, Oracle etc and application servers like Tomcat, Apache..
* Hands on experience in creating audit policies for configuration and compliance scanning of various systems and applications.
* Experience in analyzing results of technical and configuration scans to identify the errors and develop a report.
* Experience in security incident management process including review and resolution of the identified incidents.
* Knowledgeable on regulatory/compliance standards such as SOX, PCI-DSS, ISO, HIPAA etc.
* Knowledgeable in performing risk and threat analysis on findings observed.
* 4-6 years of experience in information security.
* Experience in secure configuration of various network devices [firewall, proxy, switch, and router].
* Experience on security and risk assessments for third parties.
* Experience on web application testing and development frameworks.
* Experience in discovering and demonstrating web application vulnerabilities.
* Proficient in MS Excel and Access for report writing and developing meaningful metrics for large volumes of data.
* One or more security certifications like CISSP, CEH, CISA, CCNP/CCNA, RHCE, MCITP, ITIL etc.
* Undergraduate degree in from an accredited university / college.
* Be able to handle tasks independently with minimal supervision.
* Strong communication skills - both written and verbal with the ability to directly interact with client & onshore counterparts.