Key Tasks and Responsibilities:
Hands-on experience in performing security assessments of web-based applications including threat modelling, vulnerability assessments, and penetration testing.
Knowledge of current information security threats.
Knowledge of security bug classification frameworks such as CVSS and DREAD, and experience applying security bug classification methods.
Development and/or vulnerability testing experience with web frameworks.
Experience with vulnerability scanners, as well as with web application testing tools such as Burp, OWASP ZAP, Nessus, Nmap, NeXpose, Metasploit.
Experience with Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools.
Experience with software development programming languages such as ASP.NET, C#, Perl, Python, PHP.
Develop POCs to demonstrate security issues.
Desired Qualification & Experience:
4+ years of relevant web and mobile security experience, security assessments, source code analysis, application security vulnerability research, and vulnerability management, mitigation and remediation.
Certifications: CEH, CISSP, OSCP/OSCE and SANS (Gold) are preferable.
Agile model (Scrum) understanding & experience.
Ability to work independently with a team of engineers locally and peer teams abroad with minimum guidance.