ENGINEER

Job Profile Details:
- Execute complex Application Security Code Review projects for different types of applications including mobile, web services, web apps and thick-client.
- Execute Application Penetration Testing projects as business demands.
- Gain in-depth knowledge and understanding of applications developed in various languages (i.e. Java, ASP.NET, PHP, React JS, Angular JS, C++, C#, etc.).
- Be involved in application architecture understanding, vulnerability identification and control analysis.
- Perform likelihood determination, impact analysis and risk determination.
- Provide risk prioritization including recommendation and documentation of solutions.
- Identify and infer the business risk posed by the weaknesses identified during the assessments.
- Successfully comprehend complex applications written by others from reading code and application design.
- Demonstrate strong communication (verbal and written) with internal and customer stakeholders.
- Engage with both business and technical personnel within and outside the organization from project scope definition, project execution and project closure perspectives.
- Stay current with emerging technologies and industry trends and conduct knowledge sharing sessions for the rest of the team members.
- Build knowledge on different risk assessment methodologies and frameworks and how to apply them to diverse applications.
- Be open for onsite deployments as business demands.

Skills required:
- 3+ years of Security Code Review experience.
- Experience with application development.
- 3 years combined experience with J2EE (servlet/JSP) and/or .NET (C#/VB.NET and ASP.NET).
- 2+ years of application security testing experience and security code review experience.
- Knowledge of Design Patterns.
- Experience with relational databases from an application development perspective.
- Ability to handle difficult situations and to provide alternative solutions or workarounds.
- Flexible and creative in helping to find acceptable solutions.
- Good communication and writing skills with ability to talk to both business and technical personnel.

Preferred Skills:
- Experience with different frameworks (Struts, Spring, MVC, .NET) and understanding of AJAX and web services.
- Experience in Application Architecture Reviews will be a plus.
- Any cybersecurity-related certification and Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.).
- Basic understanding of protocols/technologies such as SSL/TLS and Cryptography (symmetric and asymmetric encryption, PKI, etc.).
- Ability to work alone and in collaboration with a team.