Experience: 4-6 years
We are looking for collaborative innovators who are passionate about making their mark on the software product. We are expanding our workforce – engineers, architects, developers, and more- onboarding early adopters who can optimize, pivot, and keep pace with ever-evolving development applications.
Do you enjoy reading source code and finding weak security concerns? Do you enjoy writing a proof of concept code to demonstrate the potential impact of an issue by demonstrating it? Do you enjoy protecting customers at scale? If yes, you are the right candidate to apply. You will be responsible for performing Infrastructure vulnerability assessments, running scans, analyzing tool results, and providing the developers’ latest suitable remediation techniques.
- Conduct Penetration testing for thin & thick client-based applications.
- Manual security assessments of web applications on thick & thin clients.
- Conduct application security on Manual & Automated assessments.
- Perform Web Application and API Security Testing.
- Perform Mobile application security assessment.
- Perform network penetration testing, system vulnerability assessment & security configuration review.
- Must have an excellent understanding of web application security and secure coding.
- Proficient in vulnerability assessment/penetration testing of Web-based applications, Mobile Applications, and Desktop based applications.
- Experience with application vulnerability scanning tools (e.g., IBM App Scan, HP Web Inspect, NTO Spider, Burp Suite, Nessus, Nexpose, NMAP, Wire Shark)
- In-depth knowledge and experience of OWASP Top 10 and SANS Top 25 standards.
- Web App Security (Manual & Automated Testing, Comfortable in Black Box/ Grey Box testing to find business logic vulnerabilities).
- Hands-on experience in Kali Linux, Network Security, Threat Modelling, Security Audit, and Remediation Techniques.
- Hands-on experience in Data Analysis and Troubleshooting.
Good to Have Skill:
- Rich script development in Perl/Ruby/Php/Python will be an advantage.
- Relevant certifications (OSCP/CSSLP/CISSP) will be an added advantage
- Strong Communication skills.