Web application and mobile security pen tester

Posted: May 18, 2022, 10:22 a.m. - Full Time - Mumbai

Role & Responsibilities: We are looking for Individual contributor (Technical) role having ability to perform, • Application security assessments for web applications, Mobile Apps (Android, iOS), APIs, Cloud, IOT devices & Thick Client etc. o Security design reviews. o Secure Code reviews o External & internal Penetration Testing o Security automation for DevSecOps readiness. o Documentation of Security Findings & Reporting. • Perform hands-on application penetration testing as well as static and dynamic analysis, auditing results and plans for vulnerability remediation. • Remediation support with developers in the closure and follow ups to secure the solutions. • Communicate and track remediation plans with all stakeholders and where applicable recommend mitigating/compensating controls.

Skills: • Excellent verbal/written communication • Web Application Pentest with exploitation experience across various frameworks like node, angular, react along with LAMP, MEAN stack-based apps. • Proficiency in programming language (e.g. Python, BashShell, PowerShell) exposure to DevSecOps, Security Architecture review and Network Security assessment would be a bonus. • Hands-on with industry standard proxy and DAST tools (Burp Suite, OWASP zap), SQL Map, Echo Mirage, Nessus, Nmap, Metasploit & Kali Linux suite of tools • Mobile Application Pentest - Perform static, dynamic and memory analysis of Android and iOS Apps. • Stay up to date with latest CVEs/developments/news in the Cyber Security world. • Ability to multi-task, prioritize, and manage time effectively • Certifications (Good to have): CEH, LPT, ECSA, OSWE, EWPT, OSCP .