Title:  Sr. Pen Test D&T Infra and Cyber

At West, we’re a dedicated team that is connected by a purpose to improve patient lives that has been at the center of our Company for more than a century. Our story began when Herman O. West solved the problem of supplying penicillin in mass quantities to the US Government during World War 2. Through our work to deliver thousands of life-saving and life-enhancing injectable medicines to millions of patients daily, West’s indelible mark on the healthcare industry has just begun. A name started our story. How will yours help write our future?  

There’s no better place to join an inclusive community of professionals with opportunities for lifelong learning, growth and development. Supported by benefit programs, we empower the physical, mental, emotional and financial health of our team members and their families.  

We believe in giving back to help those in need in the communities where we live and work. And are equally committed to creating a healthier environment and planet through our sustainability efforts.  

Job Summary:

Sr. Penetration Tester,D&T,Infrastructure and Cybersecurity will be responsible to perform Penetration testing for Software, Hardware/Embedded, Network and IoT applications. In this role , candidate is expected to work independently and prepare standard penetration test reports,provide consultancy and recommendations for the project teams on fixing vulnerabilities.

Essential Duties and Responsibilities:
•    Conducting Infrastructure, Application, Mobile Application and Wireless Network Penetration Testing.
•    Conducting Secure Configuration Reviews and Controls Assessments (ISO270001/2; NIST CSF etc.).
•    Conducting Security Check.
•    Lead the development of product security requirements for applications, infrastructure, cloud and/or other products, and participate in the full lifecycle of product design.
•    Assess, identify, develop a threat models and provide recommendations with the explicit purpose of influencing design decisions to address the likely threats to a product’s security and resiliency. Threat modeling and identification techniques
•    Conduct manual and automated security testing of applications, infrastructure, cloud and/or other platforms to discover security vulnerabilities.
•    Well-rounded knowledge of multiple Information Security domains and  Scripting, automation experience and good understanding of the OWASP Top 10
•    Code reviews, vulnerability detection, and root cause analysis
•    Familiarity with common network, system and web application attacks and mitigations
•    Designing , implementing software and security tools.
•    Experienced working with embedded systems and their respective security considerations.
•    Cryptographic standards and how they are applied to ensure robust product security.
•    Internal and External Network Penetration Testing
•    Application Penetration Testing (Browser-based, API, Mobile) and Cloud Solution
•    Wireless and Physical Assessments
•    Experience conducting Web/Mobile and Thick Client Application Security Assessments, Mobile Application Security Assessments for iOS and Android devices.
•    Experience with Web Vulnerability assessment tools like Burp, Acunetix, IBM AppScan, Netsparker and penetration frameworks like Metasploit.
•    Conduct penetration testing and work with multiple teams to evaluate/triage the results.

Education and Experience:
•    Bachelor’s in Engineering (BE) 
•    Good to have diploma in Information Security/Cybersecurity
•    5 to 8 years of strong knowledge in VA/PT with hands-on experience in any application development (C, Java, Python, Perl, NET).
•    Minimum 5 years’ experience working in information/cyber security with an emphasis on product security
•    Good experience in VA/PT for applications (web, mobile, thin client) and in network infra security
•    Knowledge of PCI/DSS, Cloud Security Alliance, ISO2700x controls.
•    Certifications in Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) certification or equivalent experience.

Knowledge, Skills and Abilities:

•    Good oral and written communication.
•    Very good analytical skills and listening skills
•    Ability to work as a team player.
•    Ability to work independently with minimal direction, self-motivated, and have an excellent attitude.

Physical and Travel Requirements
•    Occasional on-call work required
•    Prefer 12pm – 9pm India time. Willingness to work outside of these hours as needed

West is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sex, gender identity, sexual orientation, age, marital status, veteran status, or disability status.  If you have a special need that requires accommodation in order to apply to West, please send an email to Apply.Accommodation@westpharma.com.  Where permitted by law, an offer of employment with West Pharmaceutical Services, or any of its subsidiary or affiliate companies, is contingent upon the satisfactory completion of background screening and/or a pre-employment drug screening.