Job Seekers, please send resumes to resumes@hireitpeople.com
Must Have Skills:
- DAST
- SAST
- Certified in security
- Minimum of 4 - 5 years hands-on experience in Application Security assessment (DAST and SAST).
- GWAPT or CISSP certification.
Nice to have skills:
- Certifications
- Mobile security testing
Detailed Job Description:
- Performs application security assessments and guides remediation activities as part of the application security
- Guides and performs security assessment activities including vulnerability testing and analysis (both tool based and manual), code review, static and dynamic code testing, ethical hacking and business logic exploit testing.
- Integrates application security activities into the CI/CD pipeline
- Ensures teams are validating for OWASP and performing industry-leading application security practices
- Creates application assessment process documents, such as requirements documents, reports on application assessment findings, etc.
- Collaborates with stakeholders to explain the findings and proposed remediation
- Provides dashboard reports on status of project
Required Skills for Application Security:
- Experience as a Security Engineer specifically for Applications / Understanding of SSDLC Framework.
- Strong background with application security assessments.
- Experience in application security assessments (white box, black box and code review).
- Hands-on experience with application security tools like IBM AppScan, Fortify, WebInspect, Burp Suite, etc.
- Experience in integrating application security processes in CI/CD pipelines
- Knowledge of application security processes and standards including OWASP, CVSS rating, factors impacting risk rating, etc.
- Experience creating documents and reports
- Excellent communication and collaboration skills
- Some system administration and scripting experience with at least SQL databases (PL/SQL Scripting and Oracle Database Tools are a plus)
- 4 years of experience with Security Best Practices, cyber security, implementing enterprise-grade security solutions
- Proficient in Web Application Security, Vulnerability Assessment and Penetration Testing (VAPT), Mobile Apps Security Testing, Network Infrastructure Vulnerability Assessment, Cybersecurity analysis, etc.
- Tool Management Manage
- Operate the existing tools like Fortify, WebInspect, Sonatype, Secure Code Warrior, etc. in order to manage the security policy
- Experience in tools such as Burp Suite
Minimum years of experience: 5+