Consultant / Sr. Consultant – Web Application Testing
Looking for professionals experienced in web application security testing to execute security testing on web and mobile applications for our global customers.
Note: This role is only open for persons with expertise and relevant experience in Security testing of Web and mobile applications.
- Play a key role in the Application Security Testing Services for our global customers.
- Deliver effective, high-quality testing of customer applications and infrastructure from an information security perspective.
- Draw Data Flow Diagrams (DFD), prepare threat models, identify threats and suggest mitigation steps.
- Create and review security test reports and evidence.
- Provide recommendations to clients in fixing vulnerabilities.
- Develop frameworks and methodologies to evaluate security in new and emerging technologies, including mobile application platforms such as iOS, Android, etc.
- Lead a team of testers to ensure timely and effective completion of application testing engagements where needed.
- Manage and execute complex security testing projects, building and leading a framework, approach and team to ensure a high level of quality in security testing delivery.
- Enhance the team's skill sets and provide high-quality deliverables while improving the efficiency of the testing.
- 2-8 years of experience in Information Security Testing / Penetration testing on Web and Mobile applications (Mandatory)
- At least 2 years of application development experience in developing ASP.Net/J2EE/PHP/C/C++ applications
- Must be skilled in executing manual security penetration testing on web applications and networks.
- Hands-on experience in network vulnerability assessment and application penetration testing.
- Experience with and knowledge of application security standards and methodologies (OWASP/SANS/OSSTMM, etc.).
- Analyze application security architecture and understand security threats
- Strong experience with Unix/Linux and Windows operating systems.
- The candidate is expected to have good verbal and written communication skills, with the ability to talk to both business teams and technical teams.
- Should have certification(s) at least in one of the following:
  - OSCP (Offensive Security Certified Professional)
  - GPEN (GIAC Network Penetration Testing)
  - GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
  - GWAPT (GIAC Web Application Penetration Tester)
To apply, send your profile to firstname.lastname@example.org with the position applied for in the subject line.