Close but not Perfect? See more jobs like this
Perform manual security testing of web applications and API's hosted in Cloud and on-premises infrastructure.
Perform manual security testing of Thick Client / Desktop Apps using re-engineering techniques via tools like Echo Mirage, IDAPro, CFF Explorer, Dnspy, MS sys-internals, Wireshark, dotpeek, ghidra.
Perform manual security testing of Mobile applications build for Android, IOS platform using tools like GenyMotion, Drozer, MobSF, Android Studio.
Install, configure, use and maintain scanning and testing tools used for testing web apps/ API's/ Thick client/ mobile apps.
Knowledge/Experience of working with Burp Suite.
Manually verify security vulnerabilities identified by automated tools.
Should have an understanding of assessing severity of the vulns identified during testing based on the CVSS scoring mechanism
Meet with application team to collect information and determine scope of testing
Provide status and resolve issues that impact testing as required
Document identified security vulnerabilities and related matters in a clear, concise and timely manner.
Meet with the application teams to review, describe and explain identified security vulnerabilities and possible remediation.
Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities.
Qualifications:
6-7 Years of Experience in Web Application, Web API Penetration Testing, Thick client Testing, Mobile application testing, ideally in Finance Domain.
Experience in conducting security assessment of AWS components such as S3 buckets, EC2 instances, Lambda functions, SNS etc ) being used by the cloud hosted applications
Experience using Burp Suite & OWASP ZAP & other tools required to conduct security testing of Thick client apps and mobile apps.
Sound knowledge of common web application security vulnerabilities (OWASP Top Ten, SANS Top 25, etc.) and programming patterns that lead to them, as well as remediation techniques.
Working knowledge of authentication and identity management technologies.
Strong interpersonal and communication skills; ability to work in a team environment
Ability to work independently with minimal direction; self-starter/self-motivated
Think you're the perfect candidate? Apply to this job
Apply on company site