RSM India

Assistant Manager/ Manager-Cyber Security


Assistant Manager/ Manager-Cyber Security - Information Security & Assurance Services (ITSA)  

Indicative Job Description:

  • Well versed with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
  • Development experience preferred.
  • Experience with OWASP Testing Guide / Open Source Security Testing Methodology Manual.
  • Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), CREST Penetration testing or similar certification preferred.
  • Expert with common web application penetration testing tools including, but not limited to, Burp, Fiddler, OWASP ZAP, BeEF, and at least one commercial solution (Veracode, AppScan, or similar).
  • Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
  • Create actionable reporting based on security testing, including black, grey and white box testing, code reviews and reverse engineering, network and software architecture reviews, and social engineering.
  • Must have a working knowledge and strong understanding of security best practices for the following technologies: Windows Active Directory, network routing and switching, firewalls, IDS/IPS.
  • Prior experience with penetration testing, red teaming, white hat hacking, and/or performing information security assessments, as well as compliance standards like PCI, HIPAA and frameworks like COBIT, ITIL, etc.
  • Must have experience in building test strategy, test plan, governing UATs, performance testing, integration testing, load/stress testing, test automation, and building/maintaining currency of automated test beds.
  • Must have experience in testing mobile apps (app performance and security testing).
  • Managing penetration testing services, including both expert consulting and managed services.
  • Providing manual penetration testing and standards gap analysis services to internal business and technology partners.
  • Providing security requirements for test-driven design.
  • Supporting application security tool deployments including static analysis and runtime testing tools.
  • Producing metrics reporting the state of application security programs and performance. Must be able to approach IT security and testing from the perspective of risk management.



Preferred Qualification:

Bachelor’s degree in Computer Science or related discipline preferred, with CISA or CISSP, ITIL, Degree, Certified Ethical Hacker (CEH), OSCP, SANS, and tools experience in various frameworks / standards in the above areas, e.g. NIST Cyber Security Framework, ISO 27001, Cloud Security Alliance (CSA), etc.

Other Competencies

Self-motivated, innovative, capable of handling stress, willing to travel and meet deadlines.


2-5+ years of experience with penetration testing, vulnerability assessment, web application and external network penetration testing using industry standard tools and technologies.

Office information


3rd Floor, A-Wing, Technopolis Knowledge Park, Mahakali Caves Road, Andheri (E), Mumbai 400 093.