What You Will Do

  • Conduct application penetration testing on AWS cloud-based application, web application and mobile applications
  • API / web services security assessment and configuration review
  • Conduct threat modeling / design review of the applications
  • Conduct source code review of applications
  • Define security framework/guidelines to improve web and mobile application security practices
  • Lead process improvement activities to streamline security assessment processes and improve quality with respect to security best practices
  • Conduct proactive researches to identify and understand new threats, vulnerabilities, exploits and mitigations of Cloud, Web, Mobile, Cloud applications, etc
  • Report the findings from the assessments and explain the same to the development team along with clear recommendations to mitigate the identified vulnerabilities / risks
  • Work with / guide the development team in mitigating identified vulnerabilities / risks
  • Track and report the status of the identified risks on a periodic basis
  • Conduct regular sessions on building awareness about the application security best practices to be followed

What You Possess

  • Bachelor’s degree in Computer engineering / equivalent
  • 4 to 6 Years of relevant experience
  • Experience in working with multiple DAST and SAST tools used for application security
  • Experience in conducting assessments for AWS cloud-based applications
  • Sound understanding of security related fundamentals
  • Should be familiar with international processes for conducting Vulnerability Assessment, Penetration testing, Secure code review
  • Knowledge in script development in Perl/Ruby/Php/Python will be an advantage
  • Experience in network vulnerability assessment and penetration testing will be an advantage
  • Excellent time management and prioritization skills
  • AWS certifications and other relevant certifications like OSCP/CSSLP/CISSP will be an added advantage
  • Strong Written and Oral Communication skills