Job description:
- Experience in performing security Vulnerability Assessment of Web & Mobile Applications and cloud infrastructure.
- Experience performing white box and Black box application penetration testing (Web, APIs, Mobile, Thick clients) and on cloud infrastructure.
- Experience in keeping track of security threats and patches for various software and libraries being released and updated in our organization.
- Experience in integrating Security Tools with CI/CD Pipeline.
- Experience with scripting language like perl/php/python/bash languages.
- Excellent skills with application security testing tools such as: OWASP ZAP, SQLMap, etc.
- Experience performing manual application source code security reviews for languages such as: Java, Python, Dart, Javascript.
- Experience in OWASP Mobile application security testing methodology and application security testing methodology.
- Experience in supporting ISO27001 audits is highly desirable.
- Good knowledge of OWASP Top 10 , SANS Top 25 and CWE vulnerabilities.