Vulnerability Researcher (Web, Android & iOS)

Globals Ites

Early Applicant

5 months ago
Be among the first 50 applicants

Exp: 1-3 Years

Full time

Bengaluru / Bangalore, India

Job Description

As a Web, Android, and iOS Vulnerability Researcher at [SME Name], you will play a crucial role in identifying, analyzing, and mitigating security vulnerabilities across our web, Android, and iOS platforms. You will work closely with our development and security teams to ensure the safety and integrity of our applications and systems. Your expertise in discovering and reporting security flaws will be instrumental in maintaining a secure environment for our users and data.

Key Responsibilities:

Conduct thorough security assessments of web, Android, and iOS applications to identify vulnerabilities such as cross-site scripting (XSS), SQL injection, authentication bypass, insecure data storage, and more.
Perform both manual and automated security testing to identify potential weaknesses and areas of concern.
Utilize various testing tools and techniques to uncover vulnerabilities, including static analysis, dynamic analysis, and penetration testing.
Collaborate with the development team to provide guidance and recommendations for implementing security best practices and remediation strategies.
Document and report identified vulnerabilities with clear explanations, technical details, and suggested mitigation steps to the development and security teams.
Participate in security discussions, code reviews, and design reviews to proactively address security concerns during the development lifecycle.
Assist in the creation and maintenance of security guidelines, standards, and documentation for web, Android, and iOS development.
Contribute to the continuous improvement of the security posture of our applications and systems.

Requirements Skills:

Minimum of 1 year of professional experience in vulnerability research, penetration testing, or related security roles.
Solid understanding of web application security principles, mobile application security, and common vulnerabilities.
Familiarity with security testing tools such as Burp Suite, OWASP Zap, Nmap, etc.
Experience with Android and iOS application security assessment tools and methodologies.
Knowledge of programming languages commonly used in web, Android, and iOS development (e.g., Java, Kotlin, Swift, JavaScript).
Excellent communication skills, Strong problem-solving skills and the ability to think like an attacker to uncover potential vulnerabilities.
Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar, are a plus.
Should have in-depth knowledge on OWASP Top 10 and SANS 25.
Should have knowledge about Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumerations (CWE).
Bachelors degree in Computer Science, Information Security, or equivalent experience.