Candidate should have minimum 8 years and above hands on experience in application security testing and vulnerability assessment (VA)
Application Security Testing: Experience in web application, web services, thick client, source code review and mobile application security testing (both static and dynamic analysis) in conformance to various industry standards like OWASP top 10, SANS top 25 etc.
Expert level knowledge of tools like Burp Suite, IBM appscan (standard and source), HP Fortify, Postman, SoapUI, Checkmarx, Contrast etc.
Vulnerability assessment (VA):– Strong experience in VA on servers, hardware devices & appliances which are hosted on the corporate internal network and on external Cloud networks like AWS, GCP & Azure.
Expert level hands on experience to use Tenable Nessus software like Nessus professional, Security Center & Tenable.io, nmap, OpenSSL, SSLScan etc.
Strong knowledge of cryptography, firewall, networking, server operating systems like Window and Red Hat Linux
Hands on experience in working with DevOps and Agile teams following a secure software development lifecycle. Should be able to provide hands on leadership in improving automation and incorporating security as part of the CI/CD pipeline.
Good programming and scripting skills in languages like Java, JavaScript, Python, Perl etc.
Strong knowledge of cloud platforms (Azure, AWS and GCP) and experience in performing security tests against applications deployed in cloud is an asset
Industry certifications should be added advantage – At least one of the below is recommended apart from CEH
GIAC GWAPT
GIAC GPEN
GIAC GMOB
CISSP
OSCP
You must verify your mobile number to apply to this job.