Standard / Permanent
1. Black box/Grey box Web Application Security Testing. White Box Security Testing / Source Code Analysis.
2. Hands-on experience plus strong expertise with the HP Fortify Code Review Tool.
3. Good exposure to Security Testing of Web based applications and vulnerabilities associated with them.
4. Must have Ethical Hacking knowledge of Web Applications, an excellent understanding of OWASP and OSSTMM, and good knowledge of Secure Coding Best Practices.
5. Hands-on experience with code review tools.
6. Candidate should have a development background in Java and .NET and be capable of providing recommendations to developers.
7. CSSLP/CEH/CISSP certified (Good to have).
Work closely with the Application Security Team for various Application Vulnerability assessment assignments.
- White box assessments - Perform Security code reviews for applications
- Configure and run code review scans using automated tools
- Provide Analysis of findings and suggest appropriate mitigations
- Benchmark applications against OWASP best practices
- Provide assurance of adherence to best practices in security
- Understand Security Test Requirements, Prepare Security Test Scenarios & conduct Test execution
- Prepare Test Reports and provide a Test Report walkthrough to the development team and management.
Any engineering degree or equivalent