Perform comprehensive Dynamic Application security Testing (DAST)
Understand and analyze the applications from security point of view.
Understand the application security risks and Threat modeling of applications
Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.
Able to guide and support development teams to fix the security vulnerabilities in the code.
Preferred Experience:
4 -9 years of work experience in Application Security Testing
Understanding and familiarity with common code review methods and standards
Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
Application development experience
Experience in a wide variety of languages, which includes C/C++, Java, .Net, Perl, Python and etc.
Research and pilot new services / technologies to support secure software development
Knowledge of standard SDLC practices
Experience in application security penetration testing
Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp, OWASP ZAP, CSRF tester etc, Burp Suite
Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies
Knowledge in cloud & Big data application security testing
Sufficient understanding or exposure to testing application on below technology will be helpful
REST API
Cloud Foundry
Encryption
Data storage for SQL, Oracle etc.
Big Data / Analytics / Cloud
Educational Qualifications:
Bachelor degree with concentration in Computer Science, Information Systems, Information Security or similar would be preferred.
Preferred Security certifications
Ideally, candidate will possess any one of the below Security certifications(but not mandatory)
CEH
ECSA
LPT
OSCP
--
You must verify your mobile number to apply to this job.