Responsibilities:
Execute the pen testing efforts on a periodic basis to satisfy the legal and compliance requirements.
Coordinate the enterprise-wide penetration tests
Build partnerships with development teams, be a source of expertise in security best practices
Develop and deliver engaging and memorable security trainings
Provide detailed guidance and support to teams in vulnerability remediation
Build out secure APIs by partnering with developers, and make sure their use is baked into the development cadence
Provide security guidance on cloud environments as well as non-cloud environments
Communicate relevant metrics and trends to the technology leadership team.
Ensure stakeholder satisfaction
What We’re Looking For:
5+ years of Experience in Penetration testing
Experience working with at least one scripting language such as Python, Ruby, Bash, JavaScript, etc.
Excellent language skills and ability to communicate complex vulnerabilities to internal teams
Demonstrate critical thinking
Experience & ability to run pentests on web applications, mobile applications (iOS & Android), and thick client applications
Perform code reviews as part of whitebox pentests
Training & Empowering Developers on Security principles & coding practices
Define a formal pentest process
Do Vulnerability Research & Discovery.
Well versed with OWASP Web and Mobile Testing Frameworks
Certifications such as GPEN, GXPN, GMOB, GWAPT, OSCP, OSWE, OSCE, OSWP, AWS, CNCF (not mandatory)
Spending time practicing skills on platforms such as Hack the Box, Pentester Lab, Vulnhub, etc. and participating in CTF competitions (preferred but not mandatory)
Bug Bounty experience on platforms like HackerOne, Bugcrowd, YesWeHack etc., would be an added advantage
Good to have working knowledge of the below Tools/Platforms:
HP WebInspect
HP Fortify
Kali Linux
Burp Suite Pro
Azure DevOps
Jenkins
WhiteSource