Sr. Security Consultant

Eventus Security is a leading cybersecurity and risk management company providing end-to-end solutions in SOC, Cyber Resilience, Infrastructure Security, and Managed Security Services. We help organizations strengthen their security posture through advanced technology, expert consulting, and 24/7 monitoring.

Job Title: Sr. Security Consultant

Experience: 5yrs+

Job Location: Navi Mumbai

Key Responsibilities:

We are looking for a highly skilled Senior Security Consultant with expertise in Vulnerability Assessment and Penetration Testing (VA/PT) across web applications, infrastructure, cloud environments, and Active Directory. The ideal candidate will have hands-on experience in exploiting security vulnerabilities, conducting secure code reviews, and performing threat modeling to enhance cybersecurity resilience.

Requirements

Network & Infrastructure Security Testing

• Perform network traffic analysis to assess security risks in TCP/IP, routing, and switching.
• Conduct port and service enumeration to identify attack surfaces.
• Execute infrastructure penetration testing on identified services.

Web & Application Penetration Testing

• Identify and exploit OWASP Top 10 vulnerabilities in web applications.
• Assess SANS Top 25 vulnerabilities in application security.
• Perform business logic testing to uncover logical flaws in applications.
• Conduct penetration testing for Web, Mobile, API, and Thick Client applications .

Cloud & Active Directory Security Testing

• Perform Active Directory penetration testing to uncover misconfiguration and privilege escalation paths.
• Conduct cloud security penetration testing across AWS, Azure, and GCP.
• Review CIS Benchmark & NIST-based configurations for security gaps.

Exploitation & Secure Code Review

• Perform manual and automated exploitation of vulnerabilities.
• Conduct source code reviews for Java, .NET, Python, ReactJS, Kotlin, and Ionic.

Threat Modeling & Reporting

• Develop Threat Models to assess security risks proactively.
• Deliver detailed security reports with exploit demonstrations and mitigation strategies.

Tools & Certifications

• Hands-on experience with Burp Suite, SQLmap, Nessus, OpenVAS, and other VA/PT tools .
• Recommended certifications: CEH, eJPT, OSCP, eCPPT .