VAPT - VULNERABILITY ASSESSMENT AND PENETRATION TESTING (L2)
Application Security Code Review - SAC (L2), QualysGuard (L2) Tenable (L2)
Certification :- LPT – Licensed Pen Tester from EC-Council.
OSCP – Offensive Security Certified Professional Certification.
This role will assess and identify application security threats and risks. The job includes technical security assessments of applications and its infrastructure, application design reviews as well as application security risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
This role will be responsible for applying cyber security knowledge and threat intelligence to focus the application security / penetration testing on below applications
· Web applications
· Web services
· Mobile applications
· IOT applications
· Thick / Thin client applications
· Standalone applications
Key Responsibilities:
Perform security reviews of application designs, source code and its deployment.
Perform security penetration testing of applications.
Perform proactive research to identify and understand new threats, vulnerabilities, and exploits of Web, Mobile and IOT based applications.
Develop clear and concise security tests reports and its executive summaries.
Maintain working knowledge of advanced threat actor tactics, techniques and procedures, and emulate these to assess vulnerability and risk.
Continuous improvements to existing methodology material and supporting assets of application security testing tools, processes and procedures.
Job Requirements:
A Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience.
5+ years of working experience in IT Security, preferably with exposure to application security testing that includes source code review and application security tests.
Experience in drafting and documenting Penetration Testing Methodologies for all kinds of applications.
Experience in Penetration testing, including web application testing and ideally mobile application and web application security testing.
Experience with various security tools and products (Fortify, AppScan, etc…).
Experience with scripting languages such as python, ruby, POSIX shell
Good understanding of the components of a secure DLC/SDLC.
Strong time management skills, self-directed, with the ability to meet verbal and written deadlines.
Good English communication skills and able to collaborate with techno-functional stakeholders.
Skills
VAPT - VULNERABILITY ASSESSMENT AND PENETRATION TESTING (L2)
Application Security Code Review - SAC (L2), QualysGuard (L2) Tenable (L2)
Certification :- LPT – Licensed Pen Tester from EC-Council.
OSCP – Offensive Security Certified Professional Certification.
This role will assess and identify application security threats and risks. The job includes technical security assessments of applications and its infrastructure, application design reviews as well as application security risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
This role will be responsible for applying cyber security knowledge and threat intelligence to focus the application security / penetration testing on below applications
· Web applications
· Web services
· Mobile applications
· IOT applications
· Thick / Thin client applications
· Standalone applications
Key Responsibilities:
Perform security reviews of application designs, source code and its deployment.
Perform security penetration testing of applications.
Perform proactive research to identify and understand new threats, vulnerabilities, and exploits of Web, Mobile and IOT based applications.
Develop clear and concise security tests reports and its executive summaries.
Maintain working knowledge of advanced threat actor tactics, techniques and procedures, and emulate these to assess vulnerability and risk.
Continuous improvements to existing methodology material and supporting assets of application security testing tools, processes and procedures.
Job Requirements:
A Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience.
5+ years of working experience in IT Security, preferably with exposure to application security testing that includes source code review and application security tests.
Experience in drafting and documenting Penetration Testing Methodologies for all kinds of applications.
Experience in Penetration testing, including web application testing and ideally mobile application and web application security testing.
Experience with various security tools and products (Fortify, AppScan, etc…).
Experience with scripting languages such as python, ruby, POSIX shell
Good understanding of the components of a secure DLC/SDLC.
Strong time management skills, self-directed, with the ability to meet verbal and written deadlines.
Good English communication skills and able to collaborate with techno-functional stakeholders.