Talent.com
This job offer is not available in your country.
Mobile Applications Security Engineer - Vulnerability Assessment

Mobile Applications Security Engineer - Vulnerability Assessment

SKS EnterprisesBangalore
20 days ago
Job description

Position Name : Application Security Engineer

Location : Bangalore

Experience Range : 3+ Years

Mandatory Requirement :

  • Passionate about application security with a strong commitment to staying updated on the latest security trends and best practices.
  • Proven experience in addressing web application security challenges, including a solid grasp of OWASP Top 10 vulnerabilities.
  • Hands-on expertise in conducting IOS and Android application security testing, ensuring comprehensive coverage.
  • Adept at identifying vulnerabilities in API endpoints and implementing robust security measures to mitigate risks.
  • In-depth knowledge and proficiency in performing thorough code reviews, encompassing manual assessments, SAST, DAST, and IAST audits.

About the Client :

Our client is a leading and reputable organisation in the financial services industry.

They are dedicated to providing innovative solutions and exceptional services to their clients, leveraging cutting-edge technologies to drive efficiency and value.

Job Roles and Responsibilities :

As an Application Security Engineer, you will play a pivotal role in ensuring the security and integrity of our web and mobile applications.

Your expertise will contribute to the safeguarding of our systems and the protection of user data.

Key responsibilities include :

  • Addressing web application security issues, with a deep understanding of OWASP Top 10 vulnerabilities.
  • Performing hands-on security testing for iOS and Android applications to identify potential vulnerabilities.
  • Identifying and assessing vulnerabilities in API endpoints to ensure robust security measures.
  • Conducting thorough code reviews, including manual assessments, SAST, DAST, and IAST audits.
  • Maintaining and enforcing security standards, providing guidance to developers on secure coding practices.
  • Developing and promoting secure coding practices using languages such as C#, Asp.Net (MVC and WebForms), HTML / CSS, and SQL Server.
  • Ensuring the secure integration of applications with relational database management systems, particularly MS SQL.
  • Executing both manual and automated testing techniques, utilizing tools like BurpSuite Pro, Fiddler, Netsparker, etc., to uncover vulnerabilities.
  • Applying security knowledge to both Linux and Windows environments, including aspects of web application hosting, middleware (IIS, Apache, Tomcat, PHP, ColdFusion, Ajax), and databases (Oracle, MySQL, MS SQL Servers).
  • Leveraging software security certifications, such as Certified Secure Software Lifecycle Professional (CSSLP), to enhance our security practices (a significant advantage).
  • Demonstrating a comprehensive understanding of application security across the entire software development lifecycle.
  • Effectively communicating findings and insights, both through presentations and thorough documentation.

    • Qualification and Experience :

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 3+ years of hands-on experience in addressing web application security issues and conducting security testing.
  • Proven expertise in IOS and Android application security testing.
  • Solid understanding of API endpoint vulnerabilities and security best practices.
  • Proficiency in conducting manual code reviews and utilizing various security testing methodologies (SAST, DAST, IAST).
  • Strong knowledge of secure coding practices, including C#, Asp. Net (MVC and WebForms), HTML / CSS, and SQL Server.
  • Experience securing application integrations with relational database management systems, particularly MS SQL.
  • Familiarity with security tools like BurpSuite Pro, Fiddler, Netsparker, etc. , for manual and automated testing.
  • Knowledge of security considerations in both Linux and Windows environments, including web application hosting, middleware, and databases.
  • Software Security Certifications, such as CSSLP, would be a significant advantage.
  • Adept at communicating complex security concepts effectively, both in presentations and documentation.

    • Other Details :

  • The position is based in Bangalore.
  • Competitive compensation package and opportunities for professional growth

    • (ref : hirist.tech)

    Create a job alert for this search

    Application Security Engineer • Bangalore