Overview :
We are seeking a highly experienced and motivated Application Security Testing Specialist to join our team in Pune. The ideal candidate will have a strong, hands-on background in a broad range of application security solutions, penetration testing, and integrating security controls into the CI / CD pipeline. You will play a crucial role in ensuring the security of our applications through robust testing, infrastructure setup, and process implementation.
Key Responsibilities :
Application Security Testing & Analysis :
- Perform penetration testing, vulnerability analysis, and security assessments on various applications (web, mobile, API, etc.).
- Demonstrate strong hands-on experience utilizing and managing various Application Security solutions, including :
1. SAST (Static Application Security Testing)
2. SCA (Software Composition Analysis)
3. IAST (Interactive Application Security Testing)
4. DAST (Dynamic Application Security Testing)
5. API Security Testing
- Analyze and interpret the results from security tests, prioritize findings, and work with development teams to ensure timely remediation.
Security Integration & Infrastructure :
- Design, implement, and maintain security controls and checks within the CI / CD pipeline (DevSecOps).
- Provide technical expertise in the infrastructure setup, configuration, and maintenance of Application Security and Penetration Testing tools.
- Automate security testing processes where possible to enhance efficiency and coverage.
Project Management & Strategy :
- Utilize a strong understanding and experience with project planning and execution for security initiatives.
- Manage the application on-boarding or service adoption process for new security tools and services.
- Work within an Agile delivery framework, collaborating closely with development, operations, and product teams.
- Effectively manage conflicting stakeholder needs and challenge existing practices to ensure optimal security outcomes.
Required Skills & Experience (Primary) :
- Experience : 5+ years of dedicated experience in Application Security Testing or a similar security role.
- Core Security Tools : Hands-on expertise with a variety of Application Security solutions (SAST, SCA, IAST, DAST, API testing).
- Security Assessments : Proven hands-on experience in Penetration Testing and vulnerability analysis.
- DevSecOps : Deep understanding and hands-on experience implementing security controls and gates within CI / CD pipelines (e.g., Jenkins, GitLab CI, Azure DevOps).
- Tool Management : Technical experience in infrastructure setup, deployment, and operational maintenance for Application Security and Penetration Testing tools.
- Methodology : Strong understanding and experience with project management, agile delivery, and successful application or service adoption processes.
Desired Skills (Secondary) :
- Cloud Security : Very good knowledge of the Azure cloud ecosystem and its native security capabilities.
- Technical Foundations : Good knowledge of networking principles, operating systems (Linux / Windows), and scripting (e.g., Python, PowerShell, Bash).
- Version Control : Basic knowledge of version control systems (e.g., Git).
- Communication : Excellent technical communication and documentation skills, with the ability to clearly articulate complex security issues to both technical and non-technical audiences.
- Mindset : Inquisitive, proactive, and able to effectively challenge security decisions and practices.
(ref : hirist.tech)