Conduct Vulnerability Assessment and Penetration Testing (VAPT) on Web Applications, Mobile Applications - iOS and Android apps, APIs.

Adequate knowledge of Web applications, Web Services, and Service-Oriented Architectures like REST, SOAP, SSL/TLS, HTTPS, and related protocols.

Knowledge and hands-on experience with commercial and open-source security testing tools like Kali Linux, Burp Suite, Qualys, OWASP ZAP, MobSF, Arachni, Microfocus Fortify etc.

Well versed with OWASP Top 10 & SANS top 25 issues and their mitigations.

Knowledge and experience in manual and automated source code reviews.

Knowledge of Secure SDLC, Application Security Pipelines, Threat Modelling frameworks like STRIDE, DREAD, etc.

Hands-on experience in scripting and coding of Python, JavaScript, PHP, Shell etc. is advantageous.

Broad knowledge and experience across IT infrastructure with security frameworks and standards such as ISO 27001, NIST, PCI, and other relevant security-related regulations.

Should be able to manage and complete security related projects within Timeline

Qualifications B. Tech/B.E/BCA/MCA.

Experience 2-6 Years