Job Title

Security Testing Engineer

Company Name
Pearson India
Job Type
Full-time
Qualification
B.Tech/B.E.
Experience
7 Years
Vacancies
1
Salary Offered
Not Disclosed
Job Category
Location
Bangalore, Karnataka, India
Job Description

Responsibilities:

Scoping and performing Pearson own mobile, web application, cloud, and API/Web Services tests.

Automation of security testing, and development of internal tooling, to achieve continuous assurance.

Collaboration with engineering teams to facilitate secure development, including:

Review and analysis of proposed technical solutions to identify appropriate security controls.

Input and guidance to security related technical architecture and design decisions.

Code review of features and critical security components.

Practical security testing.

Advising development community on remediation of security issues and processes to address root causes.

Security assurance reviews of third-party solutions.

Review, analysis, and reporting of external threats relevant to Pearson systems and solutions in the context of Pearson’s desired security posture.

Work with Pearson BAU Application Security team on SAST/DAST/SCA/RASP activities.

Requirements

Pearson is open-minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications.

Ideally, we would like:

7+ years technical information security experience and 3+ years of experience in Application Penetration Testing

Experience of mobile, web application, cloud, and API/Web Services penetration testing.

Strong technical knowledge in:

Web application security

API Security

Mobile security (iOS and Android)

Networking and associated protocols

Containers and Kubernetes

A desire to learn, and ability to apply technical security knowledge to new and unfamiliar areas.

SANS, CREST, OSCP or similar industry penetration testing qualification

A good understanding of applied cryptographic techniques.

Reverse engineering and exploit development capabilities.

Experience of security testing in an agile SDLC.

Threat modelling experience.

Experience performing code reviews, particularly in Java and Go.

Experience of fulfilling a client facing security consulting role.

Excellent verbal and written communication skills.

Experience in automation of security testing, with previous development experience desirable.

Recruiter's Name
--
Telephone
--
Posted Date
February 11, 2023
Additional information

--