Application Security/ Penetration Testing Expert

Adecco Peopleone India Pvt. Ltd.
  • Bangalore
  • Confidential
  • 6-10 years
  • 23 Jun 2015

  • IT/ Information Technology

  • IT/ Technology - Security
Job Description

Perform penetration testing of our application on an on-going basis, as part of our Software Development Lifecycle

Document technical issues identified as part of pen testing exercises and communicate results with the team

Participate in code reviews to ensure secure programming practices are being followed, and help educate other team members on how to improve their security posture and avoid common programming pitfalls

Cross-train other team members

Keep up to date with changing technologies, attack methods

Required Qualifications:

Expert in web application security

Familiarity with OWASP Top Ten & other secure programming guidelines

Experience testing web applications for common security vulnerabilities such as input validation vulnerabilities, cross-site scripting, SQL injection and insecure direct object references

Ability to demonstrate manual web application testing experience; i.e. candidate must be able to simulate a SQL inject attack without the use of tools.

Experience with pen testing tools, and network and application security scanners (Nmap, Nessus, Metasploit, etc.)

Strong communication and teaching abilities

Desired Qualifications:

Object-oriented Perl software development experience, especially web and network applications

Alternatively, experience with other modern scripting languages used for web application development (Ruby, Python, PHP)

SQL database experience; especially Postgres

Linux system administration; especially RHEL / Fedora / CentOS

Infosec and/or pen testing certifications are a plus

Experience participating in Capture-the-Flag / ethical hacking challenges

Job Posted By