Web application security testing-three to four years of experience

Posted: Sept. 6, 2022, 10:36 a.m. - Full Time - Bengaluru

• Expertise in web application penetration testing and web services (API) penetration testing, mobile application security testing. • Experience with application architecture reviews, Static Code reviews. • Ability to interact with project teams to understand the security requirements and come up with solutions. • Knowledge on OWASP Top 10 and SANS Top 25 and ability to map the vulnerabilities identified against the standards. • Familiarity with web application scanners. • Experience in using manual VAPT tools like Burp suite ZAP CSRF Tester etc. • Good client interaction and presentation skills. • Good understanding of secure software development lifecycle processes across technologies, Threat modelling and cloud security assessments. • Experienced in vulnerability Assessments using Automated Scanners such as Nessus Qualys and Manual Security Testing Kali Linux Metasploit and other infrastructure security testing tools. • Ability to communicate with the project teams and explain the vulnerabilities identified. • Programming or scripting skills like Java, python, batch scripts, power shell, java scripts etc. • Knowledge on network architecture reviews would be helpful. • Experience testing applications and services on the cloud.