Talent.com
This job offer is not available in your country.
Pentester / Mobile Application Security

Pentester / Mobile Application Security

NETSACH GLOBALbangalore, India
8 hours ago
Job description

Greetings from Netsach - A Cyber Security Company.

We are looking for Mobile Application Security with 3 yrs of relevant experience and mandatory skills set are Web and Mobile Application Security, Security Code review, API security, Platform security, IAST, SAST, DAST.

Job Title : Mobile Application Security / Pentester

Exp : 3+ - 5yrs

Job Location : Bangalore

Job Type : Full-time

Interested candidates please share your resume at and netsachglobal.com

Job Description

1. Job Overview

The primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles / patterns / controls into all products and platforms. Conduct security assessments, gap analysis, provide remediation to the relevant squads / stakeholders.

2. Job Purpose

Primary / General Job Purpose :

  • Encourage Shift Left Mindset - Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle
  • Implement via Influence - Influence stakeholders such as Product Owners, Solution Architects, Developers, Testers, Engineers & others to include security patterns into features, epics and stories in order to build secure, innovative & superior digital products for customers and employees
  • Assessments Perform security assessment and perform gap analysis to provide appropriate remediations to the teams for implementing the fixes.

Key Skills Web and Mobile Application Security, Security Code review, API security, Platform security, IAST, SAST, DAST,

  • Tools and Technologies Expertise Burp Suite, MobSF, Frida, Kali Linux, Nessus, Checkmarx SAST, Kubernetes, Docker, Jenkins, GitHub, OpenShift and good knowledge about microservice architecture and pipeline driven security.

    • Experience with following Components :

    3. Technical Requirements

    Application Security Assessment Skillset

  • Mobile App testing (Android & iOS)
  • Web Application Security
  • Security Code Review
  • Container Review
  • Infrastructure Review
  • WAF rules review

    • Soft Skills :

  • Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective
  • Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement good architecture principles to lower technical debt
  • Assertive personality; should be able to hold her / his own in a project board or work group setting
  • Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner
  • Ability to work under pressure and meet tough / challenging deadlines
  • Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not
  • Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint
  • Has strong decision making, planning and time management skills.
  • Can work independently.
  • Has a positive and constructive attitude.

    • 4. Person Specifications (required to carry out the job, not what the current or recommended incumbent possesses)

    Specifications

    Description of Knowledge / Skill etc.

    Desirable or Essential

  • Education
  • General
  • Professional

    • Bachelors degree in a computer-related field such as computer science, cyber / information security discipline, physics, mathematics or similar

  • General Information Security : CISSP, OSCP, CEH, CISM / CISA or similar

    • Essential

    Desirable

  • General Cloud Security : CCSK / CCSP or similar
  • Specific Cloud Security : AWS / Azure / GCP / Oracle Solution / Security or similar
  • Network Security : CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist

    • Must have minimum 4 years of experience in an information

    Essential

    B.Experiences

    security function with good background in information

    (Years & Type)

    technology, stakeholder management and people

  • Industry

    • management

  • Regional
  • Functional

    • Minimum 3 years of experience, as a Security Engineer

    Essential

    especially in Cloud Native environments

    Deep foundational knowledge of Mobile Applications, Intensive skills on SSL pinning bypass, root / jailbreak bypass, core Mobile application exploitation Skillset

    Essential

    Expert at the technology and frameworks in his / her area of expertise, and coach other architect on development standards and best practices.

    Desirable

    Good understanding of Microservice based architecture (Technical)

    Desirable

    Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection / detection & API / Micro services Security

    Desirable

    Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST / SAST tools and building Evil Stories (Technical)

    Essential

  • Knowledge & Skills
  • Technical
  • Functional
  • Managerial

    • The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise

    The Analyst / Engineer can understand and interpret potential issues found in source or compiled code

    Desirable Desirable

    The Analyst / Engineer has automation skills / capability in the form of scripting or similar

    Desirable

    The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures

    Desirable

    Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and / or during agile ceremonies, via Evil Stories

    Desirable

    The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance

    Desirable

    The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams.

    Desirable

    The Analyst / Engineer can interpret and understand

    Desirable

    Thank You

    Emily Jha

    Netsach - A Cyber Security Company

    Create a job alert for this search

    Application Security • bangalore, India

    Related jobs
    • Promoted
    Lead Application Security Engineer

    Lead Application Security Engineer

    InMobi AdvertisingBengaluru, Karnataka, India
    InMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected content,...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    VAPT Pentester / Web Application Security

    VAPT Pentester / Web Application Security

    NETSACH GLOBALbangalore, India
    Greetings from Netsach - A Cyber Security Company.We are looking for Web Application Security with 3 yrs of relevant experience and mandatory skills set are Web Application Security, Security Code ...Show moreLast updated: 8 hours ago
    • Promoted
    Mobile Applications Security Engineer - Vulnerability Assessment

    Mobile Applications Security Engineer - Vulnerability Assessment

    SKS EnterprisesBangalore
    Position Name : Application Security Engineer Location : Bangalore Experience Range : 3+ Years &l...Show moreLast updated: 22 days ago
    • Promoted
    Senior Quality Assurance Automation Engineer

    Senior Quality Assurance Automation Engineer

    Andor TechBangalore Rural, Karnataka, India
    Location : Work From Office (5 Days).We are seeking a skilled QA / Automation Engineer with hands-on experience in API, Web, Desktop, and Mobile application testing. The candidate should have strong au...Show moreLast updated: 8 days ago
    • Promoted
    Microservice Developer

    Microservice Developer

    Tata Consultancy ServicesBangalore Rural, Karnataka, India
    Role • • : Microservice Developer.Required Technical Skill Set : Microservice Developer.Desired Experience Range : 5 - 9 yrs. Notice Period : Immediate to 30Days only.We are currently planning to do a Vir...Show moreLast updated: 6 days ago
    • Promoted
    Application Security Engineer - Penetration Testing

    Application Security Engineer - Penetration Testing

    Coders Brain Technology Private LimitedBangalore
    Were Hiring : WebPTP1 - Consultant Location : Bangalore / Pune Experience : 4-8 Years Salary : As per market standard&...Show moreLast updated: 30+ days ago
    • Promoted
    RMS Technical Expert - OSAT

    RMS Technical Expert - OSAT

    Tata ElectronicsKolar, Karnataka, India
    The RMS Technical Expert will be responsible for the design, deployment, and optimization of Reliability Monitoring Systems in an OSAT (Outsourced Semiconductor Assembly & Test) manufacturing envir...Show moreLast updated: 8 days ago
    • Promoted
    • New!
    Penetration Tester / Application Security Analyst

    Penetration Tester / Application Security Analyst

    CGIbangalore, India
    We are seeking a skilled and detail-oriented Penetration Tester to join our cybersecurity team.This role involves performing manual security assessments across web, mobile, API, and network environ...Show moreLast updated: 8 hours ago
    • Promoted
    Penetration Tester - Application Security

    Penetration Tester - Application Security

    Kezan ConsultingBangalore
    Job Specification Role : WebPT P1 Consultant (Immediate Joiner only can apply) Experience : 4-8 Years Location : Bangalore / P...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Application Security Lead Engineer

    Application Security Lead Engineer

    Anicalls (Pty) Ltdbangalore, India
    Create and manage bug bounty programs.Evangelize software security best practices.Perform threat modeling, architecture design reviews, and detection capabilities. Develop and implement security too...Show moreLast updated: 8 hours ago
    • Promoted
    Senior Penetration Tester

    Senior Penetration Tester

    AppSecure SecurityBangalore Urban, Karnataka, India
    Appsecure is a leading offensive cybersecurity and red-team services company trusted by Fortune 500s, high-growth startups, and global enterprises. Our team consists of top bug bounty hunters, seaso...Show moreLast updated: 6 days ago
    • Promoted
    • New!
    Security Engineer, Application Security

    Security Engineer, Application Security

    ADCI - Karnatakabangalore, India
    In Amazon Stores, we ship some of the widest arrays of technology found at any company.Innovative digital healthcare to no-checkout retail, we push the boundaries of technology in every direction u...Show moreLast updated: 8 hours ago
    • Promoted
    Security Technology Lifecycle Analyst

    Security Technology Lifecycle Analyst

    HR PLACEMENT CONSULTANTS (HRPC)Bangalore Rural, Karnataka, India
    Position - Analyst - Security Technology Lifecycle Analyst.Job Type - Full-time (Third party payroll •).The Security Technology Lifecycle Analyst plays a critical role in supporting the Corporate Se...Show moreLast updated: 21 days ago
    • Promoted
    Media Streaming Engineer

    Media Streaming Engineer

    Tata Consultancy ServicesBangalore Rural, Karnataka, India
    Role • • : Media Streaming Engineer.Required Technical Skill Set : Media Streaming Engineer.Desired Experience Range : 12 - 17 yrs. Notice Period : Immediate to 90Days only.We are currently planning to do...Show moreLast updated: 1 day ago
    • Promoted
    • New!
    Mobile Application Developer

    Mobile Application Developer

    Tredence Inc.Bangalore Rural, Karnataka, India
    Bangalore - Chennai - Gurgaon - Kolkata - Pune.Mobile App Development - Must Have : .React Native development (iOS & Android). Strong JavaScript / TypeScript, Redux / Context API.RESTful API integration, ...Show moreLast updated: 7 hours ago
    • Promoted
    • New!
    Penetration Tester lead

    Penetration Tester lead

    Anicalls (Pty) Ltdbangalore, India
    Show moreLast updated: 8 hours ago
    • Promoted
    • New!
    Sr. Security Engineer, Application Security

    Sr. Security Engineer, Application Security

    ADCI - Karnatakabangalore, India
    In Amazon Stores, we ship some of the widest arrays of technology found at any company.As an AppSec engineer, you will collaborate with software development teams to ensure we keep our customers sa...Show moreLast updated: 8 hours ago
    • Promoted
    Associate Manager - EHS

    Associate Manager - EHS

    LifeStyles HealthcareBangalore Rural, Karnataka, India
    We are looking at Candidates who has exposure to the following : .EHS compliance , hands on experience in handling ETP, PCB with 8 to 10 years work experience. Senior Manager – Human Resources.Englis...Show moreLast updated: 30+ days ago