Information security engineer - bangalore locationPosted: Jan. 12, 2021, 11:07 a.m. - Full Time - Bangalore
Position: Information Security Engineer
Mandatory skills: Network, Web application and mobile Application VAPT, MANUAL TESTING, Not tool based; communication skills,
Optional skills: Secure Code Review
Experience (In years): 2 to 4 years
Type of hiring: Permanent
Number of openings: 1
Mandate skill: Security code review, static analysis security testing, dynamic application security testing, mobile development and securing mobile applications (iOS, Android, other), Threat/Attack modeling, Secure coding practices, Web Development technologies.
Perform Network, web application and mobile penetration testing
Hands on experience with manual testing and validation of the identified vulnerabilities
Prepare reports documenting identified issues with business risks and detailed proof of concept
Interact with clients to deliver results, provide feedback and remediation on findings
Work on improvements for provided security services, including the continuous enhancement of existing methodology, material and supporting assets
Good Knowledge and experience of conducting vulnerability assessments and penetration testing (VAPT) of networks, web applications, mobile apps as per standards such as PTES, OWASP Top 10, SANS/CWE Top 25, NIST.
Ability to analyze web-application, mobile application, source code review, work flows and perform manual testing.
Analyze application security vulnerabilities found through testing and collaborate with development and other internal technical teams to provide mitigation steps to reduce the risk.
Familiarity of Secure SDLC is a plus
Should have hands-on experience with at least one programming/scripting language from PHP, C#, ASP .Net, Java, Python, Ruby, Java-scripting Should be strong in basic concepts in networking and operating system such as windows and Linux