Penetration Tester
Primary Responsibilities:
- Lead security assurance engagements and responsible for application & network security testing
- Work closely with customer project teams and serve as a single point of contact for all security testing related activities
- Hands on experience in network vulnerability assessment, application penetration testing and security code reviews
- Must be skilled in executing manual network, application penetration tests and security code reviews
- Analyze application security architecture and understand security threats
- Design and execute security test cases
- Create and review security test reports and evidences
- Perform vulnerability assessments and penetration testing on Infrastructure, Web, Mobile applications
- Provide recommendations to clients in fixing vulnerabilities
- Assist in building security testing competency
- Mentor and provide technical guidance to team members in executing test cases
Skills Required
- Good knowledge of network & application security vulnerabilities
- Must be familiar with OWASP, SANS, CERT, WASC standards/frameworks for security testing and security code reviews. OSSTMM for network penetration testing
- Experience in executing various application/network security attacks and exploiting vulnerabilities
- Experience in using tools including Nmap/Nessus/Checkmarx/Fortify and experience in using open source application security testing tools (e.g., Backtrack, Burp, Paros WebScarab etc.,)
- Certification OSCP/CREST/SANS
- Must be able to handle tasks/activities with competing priorities
- Must be able to work independently & guide team
- Excellent analytical ability
- Good communication skills