Job Title

Security QA Engineer

Company Name
Tenerity India Pvt Ltd
Job Type
Full-time
Qualification
Bachelor’s Degree
Experience
6 Years  -  8 Years
Vacancies
1
Salary Offered
Not Disclosed
Job Category
Location
Pune, Maharashtra, India
Job Description

Responsibilities:
Security testing estimation, test design and planning and test execution for projects assigned.
Expertise in web application penetration testing and network penetration testing
Experienced in vulnerability Assessments using Automated Scanners and Manual Security Testing
Experience with application security architecture, Threat modelling, Static Code Reviews
Understanding of application security guidelines/requirements from OWASP Top 10/OSSTMM/WASC/PCI-DSS/PII
Familiarity with at least one network pen testing tool (Nessus or Metasploit), web application vulnerability scanners (Acunetix/HP WebInspect/IBM AppScan) and source code analysis tools (SonarQube/Veracode/Checkmarx)
Experience in using manual VAPT tools like Checkmarx/Burp Suite/ZAP/CSRF Tester etc.
Certifications desired: CEH/ECSA/LPT. Additional certifications like CISA or CISSP will be a significant advantage
Conducting Application Security Assessment for Web and Mobile applications.
Reviewing application code against security coding baseline and practices (SAST)
Performing API Security Testing
Creating POC for the reported vulnerabilities.
Working with OWASP Top 10, SANS 25, WASC security standards.
Working on vulnerability management, guiding and helping teams to remediate the vulnerabilities reported in VAPT.
Working with different open source and industry standard security tools like Burp Suite, SonarQube, Checkmarx, ZAP, etc.
Provides training and technical assistance to members of the automation team. May assist with training on software enhancements. May cross-train and mentor less experienced QA team members.
Evaluate current procedures and practices for accomplishing the assigned work function's objectives, to develop and implement improved procedures and practices and to ensure compliance with required standards.
Collaborate with Information Protection team, Compliance team, Functional QIA Lead, Business Project Managers, Technical Delivery Managers, Applications Development and Infrastructure managers to document, investigate and resolve security issues.
Provide security test reports with recommendations to project stakeholders.
Keeps abreast of software industry “Best Practices” and trends in the security domain and communicates new information to the QA team.
Perform other duties as assigned or self-initiated.

JOB REQUIREMENTS
6-8 years of industry experience in security testing of websites, mobile applications and SOAP/REST services.
Bachelor’s Degree in Information Technology or related field, or equivalent combination of education and experience, preferred.
Comprehensive knowledge of manual penetration testing and application debugging from a technical perspective.
Wireless and Mobile Applications Security Testing
Good understanding of secure software development lifecycle processes across technologies.
.NET and Java knowledge/experience
Experience with defect tracking/management software and ability to formulate metrics. Comprehensive knowledge of Jira, Confluence, SharePoint
Strong verbal and written communication skills.
Ability to work in a fast-paced dynamic team-oriented environment.
Ability to meet aggressive deadlines and handle multiple and complex projects.
Strong knowledge and proficiency with Microsoft Office suite of applications (Word, Excel, PowerPoint, Outlook, Project).

Posted Date
August 25, 2022