Key Responsibilities
- Conduct security assessments by scanning applications and networks, performing penetration tests for further exploitation.
- Execute Web Application SAST, DAST, Mobile Application Security testing, and API security testing.
- Establish and maintain a Vulnerability Management framework including assessment, treatment, and acceptance/exception processes.
- Collaborate with stakeholders to elicit business and user requirements through workshops, meetings, storyboards, and process modeling.
- Ensure coverage of new assets and applications, performing VA/PT and Security Configuration Assessments before and periodically after going live.
- Manage VAPT (Vulnerability Assessment & Penetration Testing) and Secure Configuration Management processes.
Required Skills & Qualifications
- Bachelor's degree in Computer Science, Information Technology, Engineering, Business Administration, or related field.
- 12 years of hands-on experience in manual penetration testing and security automation tools.
- Strong understanding of OWASP Top 10, CIS, and NIST frameworks.
- Knowledge of programming languages such as Java, Ruby, Python.
- Experience with security testing on web and mobile applications using tools like MOBSF, POSTMAN, and BurpSuite.
- Good communication and collaboration skills.
