Consultant / Sr. Consultant – Web Application Testing

Looking for Professionals experienced in Web application Security testing for executing Security testing on Web and Mobile applications for our global customers.

Note: This role is only open for persons with expertise and relevant experience in Security testing of Web and mobile applications.

Department: Consultants
Project Location(s): Bangalore, India

Responsibilities

  • Play a key role in the Application Security Testing Services for our global customers.
  • Delivering effective and quality Testing on customer applications and infrastructure from Information Security perspective.
  • Draw Data Flow Diagrams (DFD), prepare threat models, identify threats and suggest mitigation steps.
  • Create and review security test reports and evidences.
  • Provide recommendations to clients in fixing vulnerabilities.
  • Develop frameworks and methodologies to evaluate security in new and emerging technologies including mobile application such as IOS, Android etc
  • Lead team of testers to ensure timely and effective completion of Application testing engagements where needed.
  • Managing and executing complex security testing projects, building and leading a framework, approach and team to ensure high level of quality in Security testing delivery.
  • Enhancing the teams skill sets and providing high quality deliverable s while improving the efficiency of the testing

Skills/Experience

  • 2-8 years of experience in Information Security Testing / Penetration testing on Web and Mobile applications (Mandatory)
  • At least 2 years of application development experience in developing ASP.Net/J2EE/PHP/C/C++ applications
  • Must be skilled in executing manual Security penetratiion testing on web application and networks.
  • Hands on experience in network vulnerability assessment, application penetration testing
  • Experience and knowledge of Application Security OWASP/SANS/OSTMM etc.
  • Analyze application security architecture and understand security threats
  • Strong experience with Unix/Linux and Windows operating systems.
  • The candidate is expected to have good verbal and written communication skills with the ability to talk to both business teams and technical teams
  • Should have certification(s) at least in one of the following:
    • OSCP (Offensive Security Certified Professional)
    • GPEN (GIAC Network Penetration Testing)
    • GXPN (GIAC Exploit Researcher and Advanced Penetration Tester)
    • GWAPT (GIAC Web Application Penetration Tester)

To apply, send your profile to info@wings2i.com with the position applied for, in the subject line.

Securing your most valuable business assets with smaller costs.