Experience: 2 to 4 yrs
Position: Senior Consultant (Application Security Testing)
In this role, you need to go beyond traditional testing services to help our clients identify, remediate, and prevent vulnerabilities in the applications that power their business. You need to have a holistic approach to application security offers a balance of managed and professional services and products tailored to fit client’s specific needs. As a security professional you should have the ability to provide remediation guidance, program design services, and training that empower build and maintain secure applications.
Responsibilities:
Ability to collaborate with project team members, take direction from the project lead and execute tasks consistently
Can Conduct Source Code Analysis
Can Conduct Software Penetration Testing
Can Conduct Architecture Security Analysis
Can Conduct Secure Software Design and Architecture analysis
Conduct Database Security Analysis
Knowledge on Network Security Analysis will be an added advantage
Familiarity with at least Java or .Net (Should be able to read and understand enterprise code and write basic code)
Experience with other languages (e.g. JavaScript, Python, Ruby, PHP, Perl, COBOL, SQL, or Assembly) (Desired)
Familiarity with software security weakness, vulnerability and secure code review. Experience conducting secure code review is a plus
Familiarity with security vulnerabilities and how those things appear in code
Ability to look understand vulnerable code and security implications
Basic knowledge of remediation of security issues
Software architecture experience (web application, web services, API gateway, cloud native apps).
Software development experience in Java / .NET / JavaScript / django / python.
Software build process experience (e.g., Jenkins, TeamCity, Bamboo, TFS, maven, msbuild).
Basic knowledge of Cloud computing in any of the Cloud platforms like AWS, Azure, GCP or Ali Cloud.
Any professional certifications on these Cloud technologies or hands-on exposure of Cloud config reviews would be given preference.
Prior exposure of Architecture review/Threat modeling of applications and relevant tools
Hands-on exposure of Software Composition Analysis or familiarities with SCA tools.
Education Qualification:
Bachelor’s Degree in Computer Science, Engineering or equivalent. Master’s Degree preferred