Description:
Roles and Responsibilities:
- Hands-on Experience is performing Network Security Assessment and vulnerability Assessment. (Web / Android /iOS)
- Conduct Penetration Testing, secure coding, secure coding review, application Security Assessments and application design review.
- Conduct and compile findings on new vulnerabilities.
- Conduct scans and tests to find vulnerabilities in IoT devices.
- Perform IoT penetration tests on various types of applications, networks, systems, and infrastructure.
- Good understanding of OWASP top 10 and web Application security audits.
- Manual Penetration Testing skills and techniques are required besides automated tools and frameworks.
- Mobile application security assessment. (iOS / Android)
- Good understanding Mobile application OWASP Top 10.
- Create project deliverables / reports and assist the immediate supervisor during submissions.
- Analyzing bugs in code and mitigate run time damage in Production.
- Communicating with the concerned team for better explanations of security issues and preparing Security testing reports for the security observations.
- Conducting Security Audit to minimize IT security Risk.
- Preparing reports, reviewing supported documentation
- Validated Data and analysis with the external audit
- Validating the manual testing reports on quarterly basis with external audit for application related security.
Candidate must be able to:
- Proven experience in securing application.
- Technical domain knowledge - deep understanding and knowledge of the application security technical domain including Threat Modelling, Security by Design, Secure Coding and Software Assurance.
- Familiarity with common security libraries, controls, and common security flaws
- Architecture and design knowledge.
- Ideally five or more years' experience in programming, with three or more years' experience in application security engineering.