Job Description
Role and Responsibilities
• 3-10 years of experience in Application Security & Infra Vulnerability Management.
• Good experience in Product/Applications Dynamic Application Security Testing, Static Application Security Testing & Infra Vulnerability Management.
• Conduct Vulnerability assessment, penetration testing, PCI Scanning, support 3rd party pen test and remediation.
• Experience in false positive analysis, remediation advice and vulnerability tracking through ticketing systems.
• Expert level knowledge in source code review using automation tools and manual approach.
• Expertise in conducting Application Security code review for JAVA/.Net/C++ etc.
• Knowledge on Application security vulnerability based on standards such as Common Weakness Enumeration(CWE) and OWASP.
• Social engineering attack background. Scripting knowledge in Python or power shell etc.
• rchitect, Design and Develop Application Security Architecture.
• Experience in preparing Thread Modelling of Applications.
• Good verbal and written communication skills.
• CEH V9 and or CISSP will be an added advantage.
Tools Experience: Webinspect(DAST), AppScan Standard(DAST), Fortify (SAST), BurpSuite, OWASP Zap Proxy, Nessus, Qualys, NMap, Metasploit etc.