Cyber - AppSec - SAST-DAST1

Bengaluru, Karnataka, India

KPMG India

KPMG is a global network of professional firms providing Audit, Tax and Advisory services.


Roles and Responsibilities:
•   Conduct various security assessments encompassing activities such as secure code reviews, Dynamic Application Security Testing (DAST), integration of security into DevSecOps practices, vulnerability assessments, penetration testing, and threat modelling.
•   Integrate the secure code review scanner Fortify into GitLab CI/CD pipelines.
•   Work across code bases in different programming languages to find vulnerabilities, perform manual review, provide proper analysis comments for all the vulnerabilities, and demonstrate them to the Dev/Application Team.
•   Experience in network and application penetration testing with both open source and commercial tools and scanners such as Burp Suite, Nessus, Nmap, SQLmap, Kali Linux, Fortify, W3AF, Nikto, Hydra, etc.
•   Capable of conducting static analysis, dynamic analysis, and reverse engineering of mobile application APKs, and of performing security checks based on OWASP MASVS.
•   Extensive working knowledge of Fortify, Checkmarx, Veracode, Nmap, Burp Suite, SQLmap, Kali Linux, HCL AppScan, Netsparker.
Qualifications:
•   Minimum three years of recent experience in application penetration testing of APIs, web applications, or mobile applications
•   Ability to communicate reporting results to technical and non-technical audiences and lead remediation conversations
•   Experience with Burp Suite Pro and other app testing tools such as Netsparker and Checkmarx
•   Bachelor's degree from an accredited college/university or equivalent industry experience
•   One or more major ethical hacking certifications preferred but not required: GWAPT, CREST, OSWE, OSWA

Prior Experience:

The candidate must have 3 to 5 years of relevant experience in a similar role, preferably in a professional services organization.

 

 

 

Category: AppSec Jobs

Tags: APIs Application security Burp Suite Checkmarx CI/CD CREST DAST DevSecOps Ethical hacking GitLab GWAPT Kali Linux Nessus Nmap Open Source OSWE OWASP Pentesting Reverse engineering SAST Security assessment Veracode Vulnerabilities

Region: Asia/Pacific
Country: India
