We have an opportunity with our organization for the Mumbai Malad location.
Role : Application Security Testing
Exp : 3 -7 Years
Required Skills : Grey box, penetration, HP Fortify, Source code review
Direct Job Responsibilities :
Perform source code review using an automated tool (preferably Fortify) and manually verify all identified vulnerabilities to eliminate false positives.
Perform Grey Box and / or Penetration testing on web, Mobile (iOS, Android), API, thick-client applications.
Analyze application security requirements and create security test cases for the application.
Document and report all findings.
Escalate issues to the local management and onshore stakeholders in case it affects the test progress.
Help review peer's work as and when required.
Actively participate in discussions with the development team to assist with the best mitigation practices to be followed.
Share testing progress with Managers and escalate issues to the local management and onshore stakeholders when affecting the test progress.
Contributing Responsibilities :
Participate in daily stand-ups.
Participate in tool evaluation exercises; exploring opportunities to help reduce efforts spent.
Constantly improve security testing methodologies by automation or R&D of new tools / attack vectors.
Technical & Behavioral Competencies :
Excellent Interpersonal and presentation skills.
Strong Time Management.
Strong in verbal and written communication.
A clear understanding of OWASP Top 10 - application security risks.
Tools / OS : Fortify SCA, Burp Suite Professional, Kali Linux.
Manual Security Testing & Analysis.
Must be flexible, independent, self-motivated.
Good analytical skills.
Should have hands-on knowledge in Source Code Analysis (both tools based and manual analysis of reported issues).
Should have worked on either Grey box Assessment / and Penetration testing or both.
Should have good communication skills.
Should have good time management skills.
Should have a thorough understanding of OWASP Top 10 categories of vulnerabilities.
Should be a quick learner.
Specific Qualifications (if required) : CSSLP / CEH / ECSA certification preferred
Location : Mumbai Malad Location
Notice Period : Immediate to 1 Month.