Web/Mobile application, API Penetration Testing and Cloud configuration review on Azure/AWS
• 3-8 years of experience in relevant area.
• Expert level understanding of application security concepts at both technical and procedural level
• Expert level understanding and exploitation skills for web application vulnerabilities (OWASP, SANS25) and OIS procedures/guidelines.
• Automated VA and manual pen testing
• Hands on working experience on following DAST tools (Rapid7, BurpSuite Pro, CloudSploit, ScouteSuite)
• Experience of automating penetration testing tasks such as import API spec ( Swagger, Open API, etc ) to pentesting tools
• Understanding (technical aspects of) penetration testing and results (including scoping and organizing of pentests, use of vulnerability scanners, vulnerability management tools)
• Ability to provide remediation recommendations to developers
• False positive Analysis, Able to prepare security testing reports, provide recommendation on remediations.
• Aware of and have used OWASP Risk rating methodology for vulnerabilities reporting.
• Security Architecture controls review is an added advantage.
• Flexible for 2PM IST to 11PM IST shift
Additional Responsibilities:
• Possess end-to-end knowledge and experience in testing
• Extensive experience in test planning/ test strategy, test estimates
• Excellent communication and client handling skills
• Experience in one or more scripting languages and automation tools
• Analytical, Client interfacing and stakeholder management skills
• Knowledge of SDLC and agile methodologies
• Project and Team Management
Educational Requirements: Bachelor of Engineering
--
You must verify your mobile number to apply to this job.