Web Application and Mobile security Pentester

Responsibilities:

• Application security assessments for web applications, Mobile Apps (Android, iOS), APIs, Cloud, IOT devices & Thick Client etc.
• Security design reviews.
• Secure Code reviews
• External & internal Penetration Testing
• Security automation for DevSecOps readiness.
• Documentation of Security Findings & Reporting.
• Perform hands-on application penetration testing as well as static and dynamic analysis, auditing results, and plans for vulnerability remediation.
• Remediation support with developers in the closure and follow-ups to secure the solutions.
• Communicate and track remediation plans with all stakeholders and where applicable recommend mitigating/compensating controls.

Skills:

• Excellent verbal/written communication
• Web Application Pentest with exploitation experience across various frameworks like node, angular, react along with LAMP, MEAN stack-based apps.
• Proficiency in programming language (e.g. Python, BashShell, PowerShell) exposure to DevSecOps, Security Architecture review and Network Security assessment would be a bonus.
• Hands-on with industry standard proxy and DAST tools (Burp Suite, OWASP zap), SQL Map, Echo Mirage, Nessus, Nmap, Metasploit & Kali Linux suite of tools
• Mobile Application Pentest - Perform static, dynamic and memory analysis of Android and iOS Apps.
• Stay up to date with latest CVEs/developments/news in the Cyber Security world.
• Ability to multi-task, prioritize, and manage time effectively
• Certifications (Good to have): CEH, LPT, ECSA, OSWE, EWPT, OSCP .