Security Test Analyst

REQUIRED:

  • 5+ years of experience in Security Testing and exposure to different security Testing tools
  • Should have experience in Agile(Scrum) methodologies
  • Should have hands on experience using Burp suite and Burp suite,Acunetix
  • Should have hands on experience using Open source tools like MobSF
  • Should have experience in Test application against OWASP Top 10 vulnerabilities and other common vulnerabilities.
  • Should have experience in static and dynamic testing for Mobile/web app/APIs
  • Develop Security test strategy and take end to end PT ownership
  • Suggesting the mitigation controls for the identified vulnerabilities.
  • Reporting the vulnerabilities to the management and to the concerned team for closure.
  • Following up with respective stakeholders for the closure of the reported vulnerability.
  • Review and suggest appropriate security solutions for Application Security.
  • Configure open source security solutions as per requirements and integrate with current infrastructure
  • Perform code review of the web application/ android app/ backend server application.
  • Running static analysis on the application code.
  • Performing static and dynamic testing of the APIs.
  • Security testing for the third-party integrations

DESIRED/OPTIONAL:

Knowledge/Experience in Cards and payments domain

Requirements

  • Develop Security test strategy and take end to end PT ownership
  • Suggesting the mitigation controls for the identified vulnerabilities.
  • Reporting the vulnerabilities to the management and to the concerned team for closure.
  • Following up with respective stakeholders for the closure of the reported vulnerability.
  • Review and suggest appropriate security solutions for Application Security.
  • Configure open source security solutions as per requirements and integrate with current infrastructure
  • Perform code review of the web application/ android app/ backend server application.
  • Running static analysis on the application code.
  • Performing static and dynamic testing of the APIs.
  • Security testing for the third-party integrations