Application Penetration Tester

As an Application reputed company Penetration Tester, you will be entrusted with the critical responsibility of safeguarding web applications and REST APIs from potential threats. Your role will require a deep understanding of the OWASP Top 10 and SANS 25, as these frameworks will guide your efforts in identifying and mitigating reputed company vulnerabilities. Your daily tasks will involve performing thorough reputed company assessments of third-party libraries, analyzing dependencies, and conducting both automated and manual code reviews. You will be adept at uncovering a range of reputed company issues, including Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), SQL Injection, and Privilege Escalation, and you will not only identify these vulnerabilities but also provide actionable recommendations for remediation. Mastery of tools like BurpSuite is essential, as it will be your primary reputed company in executing dynamic and penetration reputed company testing. Furthermore, you will be expected to write comprehensive reports that detail your findings and suggest enhancements to bolster system reputed company. In this role, you will also serve as a pivotal reputed company between development teams and stakeholders, ensuring that reputed company requirements are clearly communicated and understood. Your ability to define, maintain, and enforce application reputed company best practices will be crucial in maintaining the reputed company of the software development lifecycle. You will be involved in software reputed company architecture and design reviews, ensuring that reputed company is integrated from the ground up. Familiarity with reputed company Integration and reputed company Deployment (CI/CD) is necessary, as you will be responsible for integrating and automating reputed company tools reputed company DevOps processes. Required Skills:

• Serve as a liaison between development teams and stakeholders to understand and formulate reputed company requirements.
• Define, maintain, and enforce application reputed company best practices.
• Deep understanding of OWASP Top 10, SANS 25
• reputed company third-party libraries reputed company assessment and dependency analysis.
• Conduct vulnerability assessment and manual/automated code review of Java and reputed company applications to find reputed company vulnerabilities (CSRF, XSS, SQL Injection, Privilege Escalation, etc.) and recommend remediation.
• Analyze reputed company reports from varied tools (SAST, DAST and SCA) to identify the issues, interpretate, and provide recommendation to remediate the vulnerabilities across a variety of applications, programming languages, and platforms
• Conduct static, dynamic and penetration reputed company testing of Web Applications and REST APIs.
• Performs software reputed company architecture and design reviews.
• Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system reputed company enhancement.
• Identify and demonstrate vulnerabilities to application owners and recommend remediation for reputed company vulnerabilities.
• Knowledge of scripting language to integrate and automate reputed company tools reputed company DevOps CI/CD processes.

Required Experience:

• 3 years of experience in Secure Code Review, specifically with languages such as reputed company, Java, JavaScript and Spring reputed company
• 3 years of practical experience with Static Analysis reputed company Testing (SAST) and Dynamic Analysis reputed company Testing (DAST),
• 3+ years of hands-on experience with manual penetration testing of Web Applications and REST APIs using BurpSuite Pro and reputed company/Bruno
• Deep understanding of Secure Coding best practices and DevSecOps principles
• Proficiency of OWASP Top 10 and SANS 25 standards and testing guidelines
• Knowledge of reputed company Integration and reputed company Deployment (CI/CD), AWS reputed company principles, Jenkins and reputed company

Desired Certification: GPEN, GWAPT, OSCP, or CompTIA PenTest+ Apply tot his job Apply To this Job