Job Description
You must be knowledgeable with business risks associated to common security vulnerabilities and to be able to effectively communicate complex technical concepts such as security vulnerabilities to application developers and/or senior managers who may have little to no experience with application security.You must have the ability to work independently in a very large scale, enterprise setting and collaborate with peer team members. Previous experience as an application security professional with a large Financial Institution a plus.
Requirements
Education:B.E. / B. Tech/M.E. /M. Tech
Certifications, If Any:GWAPT, CEH, OSCP, SANS, CEH
+ years
Foundational Skills:
- Strong hands-on experience in conducting comprehensive manual penetration tests and source code reviews against web, API, mobile applications, services, platforms, systems, and networks to identify security vulnerabilities.
- Solid experience in using various security tools such as Invicti, SoapUI, Burp Suite Pro, Checkmarx, Kali Linux, Metasploit, etc.
- Very Good Communication & Interpersonal skills.
- Knowledge of network and Web relatedprotocols/technologies.
- Experience with latest penetration testing techniques (e.g., web application proxies, packet capture analysis software, browser extensions, advanced penetration testing tools (full stack), Linux distributions, Windows OS, etc.).
- Experience of penetration testing on mobile platforms such as iOS, Android, and mobile device simulators.
- Solidprogramming/debuggingskills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Python, Perl, Shell script, Objective-C, and SOAP/REST web APIs.
- Expert-level experience and knowledge in the following areas:
- Authentication and security protocols.
- Application session management.
- Applied cryptography.
- Common communication protocols.
- Mobile frameworks.
- Single sign-on technologies.
- Development frameworks (Angular, React, etc.).
- Exploit automation platforms.
- Knowledge of a Structured Query Language.
- Developer experience or coding background (nice-to-have).
Desired Skills:
- Experience of penetration testing and source code reviews on web, API and mobile platforms.
- Solidprogramming/debuggingskills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON, Objective-C, and SOAP/REST web APIs.
Work Timings:11:00 AM to 8:00 PM
Hyderabad, Mumbai