Application Security – Security Tester(RARR Job 3361)

Position: Application Security – Security Tester – P2

• Expert in Dynamic Application Security Scan/Analysis (DAST)
• Expert in Static Application Security Scan/Analysis (source code review) (SAST)
• Knowledge of Software Composition Analysis (SCA)
•     Good knowledge of OWASP Top 10
• Expert in Vulnerability assessment of web and ; Mobile applications (internal and ; external),
• API Security Testing
• Proficient with manual and automated scanner approaches
• Knowledge of software vulnerability remediation techniques and libraries used in applications, Programming knowledge etc.
• Application Penetration Testing
• Management and configuration of SAST and ; DAST Testing Tools
• Preparing security advisories and defining the severity levels for the vulnerabilities
• Scanning, validation and reporting of vulnerabilities on daily and monthly basis
• Preparing security reports for the management
• Remediation Advisory Support

Education:
A bachelor or Masters in degree in Technology is must. English proficiency both reading and ; writing is must

Technologies /Tools:

• Burp suite, fortify (SCA and ; Web Inspect), BurpSuite Pro, Accunetix, Veracode, Checkmarx, Qualys WAS, Tenable .io Web Application, Nessus,

Certifications:
Desirable: OSCP, OSWE
Compulsory: Certified Ethical Hacker (CEH), B Tech

Other requirements:
• Good Communication skills
• Managing projects and schedules.
• Assisting in the development of exploits for complex vulnerabilities.
• Improving testing techniques and methodology via original research, custom tool development, defining new testing standards, and aligning testing procedures with various industry standards (OWASP Top 10, OWASP ASVS, NIST 800-53, etc.)."