Job Specification
Role : WebPT P1 Consultant (only immediate joiners can apply)
Experience : 4-8 Years
Location : Bangalore / Pune
Employment Type : 6 months Contract (Extendable)
Work timings : 11 AM to 8 PM IST
Job Overview :
Roles & responsibilities :
- Perform automated testing of running applications and static code (SAST, DAST)
- Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities : web applications, internal applications, APIs, internal and external networks, and mobile applications
- Experience in one or more of the following is a plus : mobile application testing, Web application pen testing, application architecture, and business logic analysis
- Need to work on application tools to perform security tests : AppScan, Netsparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux
- Able to explain IDOR, Second Order SQL Injection, and CSRF : the vulnerability, its root cause, and its remediation
Mandatory technical & functional skills :
- Minimum three (3) years of recent experience working with application tools to perform security tests : AppScan, Netsparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent
- Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs
- Minimum three (3) years of working with technical and non-technical audiences in reporting results and leading remediation conversations
- Preferred one year of experience in the development of web applications and / or APIs
- Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand
- One or more major ethical hacking certifications not required but preferred : GWAPT, CREST, OSCP, OSWE, OSWA
- Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred

(ref : hirist.tech)