7-10 years of industry experience in Web Applications Security Assessments
Strong Web application and Web services security experience with thorough understanding of application vulnerabilities, automated/manual testing, auditing and remediation techniques.
Experience in Internal & External Penetration Testing on Network Infrastructure (including firewalls, routers, etc.)
Experience in database, application, and web server secure design, implementation & review.
Experience in Mobile (Android and iOS) application security assessment.
Understanding of application security guidelines/requirements from OWASP, OSSTMM
Experience with application security architecture, Threat Modeling and Code Review
Familiarity with at least one network vulnerability scanner (Nessus) and web application vulnerability scanners (HP WebInspect, Rational AppScan), along with source code analysis tools (Fortify)
Strong experience with Unix/Linux and Windows operating systems.
Good knowledge of security fundamentals, network/application protocols, topologies.
Good knowledge of reverse engineering, fuzzing & exploit development.
Good to have experience in presenting at national and international security conferences/events.
Certifications: OSCP, SANS GWAPT, SANS GPEN
Instill customer confidence by working with prospects at both a technical and business level
Implement complete project life cycle - from capturing customer requirements to delivering solutions on time
Be the single point of contact for managing engagements with customers, becoming their trusted technical advisor, and a subject-matter expert
Contribute to practice development by creating reusable components and sharing key project-learnings within the practice
Assist customers and internal teams in defining and responding to RFPs / RFIs
Participate in and actively support mentoring relationships within practice