23 years of hands-on experience in web application, mobile application, source code review, and network penetration testing
Strong experience in manual security testing, including SAST and DAST
Key Responsibilities
Perform penetration testing across web applications, mobile applications, and network infrastructure throughout different Software Development Life Cycle (SDLC) phases
Identify, exploit, and report security vulnerabilities including business logic flaws, OWASP Top 10 issues, and generic attack vectors
Conduct manual penetration testing for web and mobile applications, along with manual and automated source code reviews and analysis
Collaborate closely with development and product teams to identify, validate, and mitigate security issues
Manage security testing tasks and vulnerability reporting using tools such as Jira (knowledge of Jira is a plus)
Technical Skills & Tools:
Proficiency in tools such as Burp Suite Professional, Postman, MobSF, Frida, and Nessus (experience with custom or self-developed tools is a plus)
Knowledge of programming languages and frameworks such as PHP and JavaScript, including JavaScript frameworks (React, Node.js, etc.), is a plus
Strong skills in manual and automated source code analysis; familiarity with SAST tools is a plus
Additional Experience (Good To Have)
Experience in bug bounty hunting, CVE discovery or contribution
Security research, responsible disclosures, or public write-ups
Certifications (Good to Have, but Not Mandatory):