Job seekers, please send resumes to resumes@hireitpeople.com
Job Details:
- Thorough understanding of web architecture, web technologies and frameworks.
- To perform information gathering on the target application or system through review of its technology stack, business functionality, architecture, criticality, security controls etc.
- Participate in meetings and technical discussions with the application stakeholders.
- Prepare test plan, test strategy & security test cases.
- Fulfill all the testing prerequisites required for the application in scope.
- Perform penetration testing on the target web application or API to find vulnerabilities covering a wide range of prevalent security issues, including but not limited to the OWASP Top 10 and SANS 25.
- Configure and run web vulnerability scanners such as WebInspect and AppScan.
- Knowledge of static secure code analysis using tools such as Fortify, Checkmarx, etc. on code written in Java, C++, ASP.NET.
- To document the identified issues and report them to the appropriate stakeholders.
- Record and track vulnerabilities using the Vulnerability Management System.
- To provide consultation and guidelines for vulnerability remediation to the developers.
- Validate security fixes and ensure the adequacy of the implemented security solution.
- Installation, maintenance and configuration of security assessment tools like Fortify SCA, WebInspect, IBM AppScan and other assessment tools used by the team.
- To provide support and remediation guidance in the event of security incidents.
- To lead and co-ordinate project activities within the team to deliver the project assignments on schedule.
- Good knowledge of threat modeling.
- To update the security knowledge base and testing methodologies based on the latest and zero-day vulnerabilities.
- Mentor and provide technical guidance to a team of App Security engineers.
Interview Process (Is face to face required?): No.