Security Analyst

Job Title: Security Testing / Application Security Engineer

Experience: 24 Years

Location: Hyderabad / Hybrid

Job Summary:

We are looking for a Security Testing / Application Security Engineer with strong expertise in OWASP, VAPT, and application security. The ideal candidate will have hands-on experience in Web, Mobile, Network, and Infrastructure Security, along with exposure to DevSecOps practices.

Roles & Responsibilities:

Perform Vulnerability Assessment and Penetration Testing (VAPT) for Web Applications, Mobile Applications, Networks, and Infrastructure.

Conduct Web Application Penetration Testing based on OWASP Top 10 guidelines.

Perform Mobile Application Security Testing (Android & iOS).

Execute and manage SAST, DAST, and SCA tools and assessments.

Identify, analyze, and validate security vulnerabilities and provide remediation recommendations.

Integrate security testing into CI/CD pipelines as part of DevSecOps initiatives.

Perform Network and Infrastructure Security assessments, including configuration reviews and penetration testing.

Work closely with development and DevOps teams to ensure secure application design and deployment.

Prepare detailed security assessment and VAPT reports with risk ratings and mitigation steps.

Required Skills & Experience:

Strong knowledge of OWASP Top 10 vulnerabilities.

Hands-on experience with VAPT (Vulnerability & Penetration Testing).

Experience in Web Application and Mobile Application Security Testing.

Practical exposure to SAST, DAST, and SCA tools.

Knowledge of DevSecOps concepts and secure CI/CD practices.

Experience in Network Security and Infrastructure Security.

Familiarity with security tools such as Burp Suite, OWASP ZAP, Nessus, Qualys, Metasploit, etc.

Understanding of secure coding practices and common security misconfigurations