3 to 8 years of industry experience in Web Applications Security Assessments
Strong Web application security experience with through understanding of application vulnerabilities, automated/manual testing, auditing and remediation techniques.
Experience with application security architecture, Code Review, penetration testing and web services security.
Experience in Internal & External Penetration Testing on Network Infrastructure (including firewalls, Routers, etc)
Experience in database, application, and web server secure design, implementation & review.
Knowledge of the software development lifecycle in a large enterprise
Understanding of application security guidelines/requirements from OWASP, OSTMM
Familiarity with at least one network (Nessus, ) and web application vulnerability scanners (HP Web Inspect, Rational AppScan, with source code analysis tools (Fortify)
Additional good to have skills:
Good knowledge of security fundamentals, network/application protocols, topologies .
Experience with HP WebInspect
Instill customer confidence by working with prospects at both a technical and business level
Implement complete project life cycle - from capturing customer requirements to delivering solutions on time
Be the single point of contact for managing engagements with customers, becoming their trusted technical advisor, and a subject-matter expert
Contribute to practice development by creating reusable components and sharing key project-learnings within the practice
Assist customers and internal teams in defining and responding to RFPs / RFIs
Participate in and actively support mentoring relationships within practice
MCA / BE / B Tech