Job ID :
Company :
Internal Postings
Location :
Type :
Duration :
10 months
Salary :
Status :
Openings :
Posted :
21 Feb 2018
Job Seekers, Please send resumes to
Job Details:
  • Thorough understanding on Web architecture, web technologies and frameworks.
  • To perform information gathering on the target application or system through review of its technology stack, business functionality, architecture, criticality, security controls etc.
  • Participate in Meetings and  technical discussions with the application Stakeholders.
  • Prepare test plan, test strategy & security test cases.
  • Full fill all the Testing pre-requisites as required for the application under the scope.
  • Perform Penetration testing on theTarget  Web Application or API to find vulnerabilities that covers wide range of prevalent security issues but not just limited to OWASP top 10, SANS 25
  • Configure and run web vulnerability scanners such as  WebInspect and AppScan
  • Knowledge on Static secure code analysis using tools such a Fortify, Checkmarx etc. on code written using Java, C++, ASP .NET
  • To document the identified issues and report them to the appropriate stakeholders.
  • Record and track vulnerabilities using the Vulnerability Management System
  • To provide consultation and guidelines for vulnerability remediation to the developers.
  • Validate security fixes and to ensure the adequacy of the implemented security solution.
  • Installation, maintenance and configuration of security assessment tools like Fortify SCA, Web-Inspect, IBM AppScan and other assessment tools used by the team.
  • To provide support and remediation guidance in the event of security incidents.
  • To lead and co-ordinate project activities within the team to deliver the project assignments on schedule.
  • Good Knowledge on threat modeling.
  • To update the security knowledge base and testing methodologies based on latest and zero-day vulnerabilities.
  • Mentor and provide technical guidance to a team of App Security engineers.