Sr Specialist Cybersecurity - Penetration Testing

Work Mode: Hybrid

Location: Hyderabad and Bangalore

Primary / Mandatory skills:

Overall – 8+ years of IT experience

• 7+ years of application security experience

• 5+ years of Application Security testing experience

• 3+ years of penetration testing experience

• Deep familiarity with the OWASP Top 10 and other security concerns for web applications

• Deep Understanding of OWASP Application Security Verification Standards (ASVS)

• Deep understanding of SAST, DAST, SCA Scanning practices

• Experience in scanning leveraging Veracode, Appscan.or other enterprise tools.

• Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools.

• Understanding of SAST, DAST tools and dependency scanning tools

• Experience working/integrating with secret management systems.

• Advanced knowledge of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.)

• Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications.

• Strong documentation skills

• Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required)

• Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team.

• Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas. 

Technical Skills: SAST, DAST, SCA and penetration testing

Additional information (if any): Flexible to provide coverage in US morning hours upon need.

Certification: CSSLP or equivalent