VAPT Penetration Tester
Posted: May 15, 2024, 8:01 a.m. - Full Time - Noida, Pune, Bangalore, Gurgaon

We are seeking an experienced Application Security expert with a strong background in implementing security tools such as Checkmarx, Veracode, and SonarQube, and VM tools such as Rapid7, Tenable.io, Qualys, and AppScan. The successful candidate will be involved in conducting Static Application Security Testing (SAST/DAST/DevSecOps) scans, analyzing results, performing manual code reviews, and providing remediation support.

Responsibilities:
- Conduct secure code reviews for a variety of programming languages, including Java, C#, PHP, Python, Perl, C/C++, and SQL.
- Perform detailed security assessments for Web Applications, Mobile Applications, and Cloud Infrastructure.
- Identify security vulnerabilities in source code using both automated tools and manual techniques.
- Develop and customize content related to vulnerability descriptions, business impacts, and remediation strategies.
- Train and mentor developers on secure coding practices and vulnerability remediation.
- Research and recommend open-source tools for enhancing secure code review processes.
- Deliver secure coding and remediation training sessions to development teams.
- Assist in the development and delivery of security assessments, ensuring team members are equipped with the necessary skills for effective delivery.
- Advocate for the integration of automated application security testing within the Software Development Life Cycle (SDLC), emphasizing DevSecOps practices.
- Provide expertise in one or more of the following areas: Web, Mobile/Network Penetration Testing, Cloud Infrastructure, and DevSecOps.
- Support Requests for Proposals (RFPs) and deliver presentations to potential customers.

Qualifications:
- Proven experience with SAST, Software Composition Analysis (SCA), and penetration testing across web, mobile, and cloud platforms.
- Strong ability to analyze and interpret tool results and perform manual code reviews.
- Certifications such as Offensive Security Certified Professional (OSCP) or other relevant security certifications are highly preferred.
- Excellent communication and mentoring skills.
- Ability to work collaboratively in a team environment and lead secure coding initiatives.