Tech Lead @ Sterlite Technologies

Purpose: To Deliver Experiences That Create Value Transforms Lives About Sterlite Digital (STL) STL DIGITAL is a global IT Services and Consulting company that enables enterprises to experience the future of digital transformation. We provide end to end services across product engineering, software, cloud, data and analytics, enterprise application services, and cyber-security. Why STL Digital At STL Digital, we engineer experiences that create value. We blend the agility of a startup with the stability of an established enterprise. Were passionate about innovation. Our culture is built on four core values of -Respect for Individuals, Hunger to Learn, Promises Delivered Keep it Simple. We value both experienced leadership and fresh perspectives, creating a dynamic environment where everyone can contribute and thrive. Were looking for talented individuals to join us on this exciting journey. Lets build the future of tech together.

Vulnerability Assessment Penetration Testing

This is an exciting role that will give you the opportunity to work with Product teams around the

globe to perform penetration tests on the client s many products. You will be working alongside the best security teams in the industry. This will include scoping and planning penetration tests with the development teams and then leading execution of those pen tests. You ll report findings, produce reports and work with the development and security teams to resolve the issues you and your team members find. You ll stay up to date with the industry s latest techniques and tools. This role will be testing a variety of products and will be well versed in cloud, client, IoT and hardware penetration testing. You will be researching new penetration tools and techniques, including how AI can help improve efficiencies as well as developing and implementing the best new techniques to test AI products. You ll work with development teams to coordinate penetration tests and ensure that products are tested within an appropriate time frame. You will be communicating the priority and

risk to development teams. You will have excellent organizational and communication skills

ensuring that development teams are well informed of the penetration testing results.

In Summary you will:

Perform penetration tests on Cloud, Client applications (web, mobile thick clients) and AI products. Work with development and security teams to find and explain security issues, suggest mitigations, and ensure they are mitigated. Stay up to date on the latest testing tools and techniques ensure both yourself and the teams are using the most effective methods. Position Requirements Basic Qualifications: Bachelor s degree in a relevant field or equivalent relevant experience 3 - 6 years of cybersecurity experience 2+ years of experience of penetration testing Strong written and verbal communications and interpersonal skills. Ability to work independently as well as function as an integral part of a team, take initiative and ownership in a fast-paced environment Ability to successfully work across regions and functions to solve problems and get things done Preferred Qualifications: Knowledge of Artificial Intelligence security testing tools and techniques. Experience with penetration testing and diagnostic tools such as Burp Suite, Kali Linux, fuzzing tools, code analyst tools, DAST tools, Metasploit, etc.

Knowledge of Agile processes

Experience working in a development environment.

Offensive Security certifications such as Offensive Security Certified Professional

(OSCP), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security

Web Expert (OSWE), Offensive Security Exploit Developer (OSED), and Offensive

Security Exploitation Expert (OSEE)

SANS certifications such as GIAC Cloud Penetration Tester (GCPN), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Incident Handler (GCIH), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Reverse Engineering Malware (GREM), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) EC-Council certifications such as Certified Ethical Hacker (ANSI or Practical) Industry security certifications such as CISSP, Security+, etc.

VAPT