Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Oil & Gas Jobs |
Banking Jobs |
Construction Jobs |
Top Management Jobs |
IT - Software Jobs |
Medical Healthcare Jobs |
Purchase / Logistics Jobs |
Sales |
Ajax Jobs |
Designing Jobs |
ASP .NET Jobs |
Java Jobs |
MySQL Jobs |
Sap hr Jobs |
Software Testing Jobs |
Html Jobs |
Job Location | Hyderabad |
Education | Not Mentioned |
Salary | Not Disclosed |
Industry | IT - Software |
Functional Area | General / Other Software,Web / Mobile Technologies |
EmploymentType | Full-time |
Strong knowledge of the OWASP Top 10, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Insecure Direct Object reference, Clickjacking, buffer overflows, etc.
Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, API s etc.
Should have performed manual mobile application penetration testing on platforms like Android, IOS, etc - both client and serve side applications.
Should have knowledge on Risk Rating Standards like DREAD, CVSS, etc.
Should have a good understanding of web application architecture and Secure development life cycle (SDLC).
Experience in automated web application vulnerability scanners (e.g., AppScan, Web inspect, Accunetix, Burp suite Pro, etc) is desirable.
Should have Prepared audit reports and findings tracker sheets for applications.
Should be used to researching the latest security best practices, reading up on new threats and vulnerabilities and disseminate this information within the team as well as the organization.
Perform Black-Box / Grey Box External Network VA/PT assessments following structured phases
,Keyskills :
firewallnetworkingcustomer relationsidspenetration testinglife cycleburp suiteweb servicesaudit reportssql injectionweb applicationsession managementmobile applicationsapplication securityapplication architecturesqliosapixssrisk