Total IT experience ranging from 7 to 14 years
At least 6 years of experience in application security testing (Web), secure code review, Mobile PT, and Infra PT
Should have performed DAST and SAST for web and mobile applications (developed in Java, ASP, .NET, C++, C#, PHP etc)
Should be able to handle Client Meetings and Escalations
Experience in handling RFPs, Test estimates, Test planning etc.
Able to manage security testing team
Good knowledge of security technologies for secure software development such as cryptography, authenticcation techniques and protocols, etc.
Co-ordinate with multiple Development Teams to understand application architecture, perform threat profiling, to be able to perform a comprehensive manual code review.
Knowledge in Cloud Fundamentals such as AWS, Azure, etc.
Should be proficient in Application Security Concepts, familiar with OWASP Top 10, SANS top 25 and in other security best practices.
Certifications such as CEH, eJPT, Azure/AWS cloud certificatios
Basic understanding HTTP, SOAP/REST, SSL/TLS protocols/technologies
Should have excellent communication Written, Oral and presentation skills.
Tools: Proficiency in most of the tools in each category
Secure code review – Checkmarx, Fortify
DAST – Burpsuite Pro, Appscan, Webinspect, ZED Proxy etc.
Mobile PT – Mob SF Framework, Frida, Objection, NowSecure
High level programming languages : Python, Java, C, .NET
--
You must verify your mobile number to apply to this job.