Application Security Test Engineer - Penetration/Grey Box Testing (3-7 yrs) Mumbai (Quality Assurance)
Pioneer Financial & Management Services Ltd.

We have an opportunity with our organization for the Mumbai Malad location.

Role : Application Security Testing

Exp : 3 -7 Years

Required Skills : Grey box, penetration, HP Fortify, Source code review

Direct Job Responsibilities :

  • Perform source code review using an automated tool (preferably Fortify) and manually verify all identified vulnerabilities to eliminate false positives.
  • Perform Grey Box and / or Penetration testing on web, Mobile (iOS, Android), API, thick-client applications.
  • Analyze application security requirements and create security test cases for the application.
  • Document and report all findings.
  • Escalate issues to the local management and onshore stakeholders in case it affects the test progress.
  • Help review peers' work as and when required.
  • Actively participate in discussions with the development team to assist with the best mitigation practices to be followed.
  • Share testing progress with Managers and escalate issues to the local management and onshore stakeholders when affecting the test progress.

Contributing Responsibilities :

  • Participate in daily stand-ups.
  • Participate in tool evaluation exercises; exploring opportunities to help reduce efforts spent.
  • Constantly improve security testing methodologies by automation or R&D of new tools / attack vectors.

Technical & Behavioral Competencies :

  • Excellent Interpersonal and presentation skills.
  • Strong Time Management.
  • Strong in verbal and written communication.
  • A clear understanding of OWASP Top 10 - application security risks.
  • Tools / OS : Fortify SCA, Burp Suite Professional, Kali Linux.
  • Manual Security Testing & Analysis.
  • Must be flexible, independent, self-motivated.
  • Good analytical skills.

Mandatory :

  • Should have hands-on knowledge in Source Code Analysis (both tools based and manual analysis of reported issues).
  • Should have worked on Grey box Assessment, Penetration testing, or both.
  • Should have good communication skills.
  • Should have good time management skills.
  • Should have a thorough understanding of OWASP Top 10 categories of vulnerabilities.
  • Should be a quick learner.

Specific Qualifications (if required) : CSSLP / CEH / ECSA certification preferred

Location : Mumbai Malad Location

Notice Period : Immediate to 1 Month.
