Job description

The job entails conducting penetration testing for both thin and thick client-based applications and performing manual and automated security assessments including web, API, and mobile application security. Required skills include excellent understanding of web application security, secure coding, proficiency in application security concepts, familiarity with OWASP Top 10, and experience with various vulnerability scanning tools.

Responsibility

• Conduct Penetration testing for thin & thick client-based applications.
• Manual security assessments of web applications on thick & thin clients.

Qualifications

• Conduct Penetration testing for thin & thick client-based applications.
• Manual security assessments of web applications on thick & thin clients.
• Conduct application security on Manual & Automated assessments.
• Perform Web Application and API Security Testing
• Perform Mobile application security assessment.
• Perform network penetration testing, system vulnerability assessment & security configuration review
• Excellent understanding of web application security and secure coding.
• Proficient in Application Security concepts and OWASP Top 10.
• Understanding of vulnerability assessment/penetration testing.
• Experience with application vulnerability scanning tools (e.g., IBM AppScan, HP Web Inspect, Acunetix, NTO Spider, BurpSuite, Nessus, Nexpose)
• In-depth knowledge and experience with OWASP and SANS standards.
• Web App Security (Burp Suite, Manual & Automated Testing, Comfortable in Black Box/WhiteBox testing with the capability of finding business logic vulnerabilities, OWASP testing guide)
• Rich script development in Perl/Ruby/Php/Python
• Relevant certifications (OSCP/CSSLP/CISSP)
• Strong Communication skills.