Desired Skills and Experience

  • Experience in performing web application security assessments using hands-on techniques for identifying SQL injection, XSS, CSRF, and authentication/authorization issues
  • Good knowledge of security technologies for secure software development, such as cryptography, authentication techniques and protocols, etc.
  • Experience with both commercial and open source tools: Cenzic Hailstorm, Burp Suite, Metasploit, Checkmarx, AppScan, WebInspect, Fortify, Nessus, nmap, sqlmap
  • Hands-on experience in dynamic security testing of web-based applications
  • Knowledge of Secure SDLC and Security standards like OWASP, CWE, NIST, OSSTMM 
  • Understanding of the OWASP Top 10 and mitigation techniques
  • Work with development teams to carry out Application Security Reviews
  • Hands-on experience in Application Code Review
  • Tool exposure: Checkmarx, Fortify, IBM AppScan Source, Veracode
  • Application Vulnerability Assessment/Penetration Testing: Cenzic, IBM AppScan
  • Understanding of network and mobile security and tool exposure
  • Experience in Dynamic Application Security Testing (DAST)/Static Application Security Testing (SAST)
  • Excellent Communication Skills
