Web Application and Mobile security Pentester

Role & Responsibilities:

We are looking for Individual contributor (Technical) role having ability to perform:

Application security assessments for web applications, Mobile Apps (Android, iOS), APIs, Cloud, IOT devices & Thick Client etc.

o Security design reviews.

o Secure Code reviews

o External & internal Penetration Testing

o Security automation for DevSecOps readiness.

o Documentation of Security Findings & Reporting.

Perform hands-on application penetration testing as well as static and dynamic analysis, auditing results and plans for vulnerability remediation.

Remediation support with developers in the closure and follow ups to secure the solutions.

Communicate and track remediation plans with all stakeholders and where applicable recommend mitigating/compensating controls.

Skills:

Minimum experience of 3 years in application security and penetration testing.

Web Application Pentest with exploitation experience across various frameworks like node, angular, react along with LAMP, MEAN stack-based apps.

Proficiency in programming language (e.g. Python, BashShell, PowerShell) exposure to DevSecOps, Security Architecture review and Network Security assessment would be a bonus.

Hands-on with industry standard proxy and DAST tools (Burp Suite, OWASP zap), SQL Map, Echo Mirage, Nessus, Nmap, Metasploit & Kali Linux suite of tools

Mobile Application Pentest - Perform static, dynamic and memory analysis of Android and iOS Apps.

Excellent verbal/written communication

Stay up to date with latest CVEs/developments/news in the Cyber Security world.

Ability to multi-task, prioritize, and manage time effectively

Educational Qualifications: BE/B.Tech/ MCA from a reputed, recognized institute.

Certifications (Good to have): CEH, LPT, ECSA, OSWE, EWPT, OSCP .