Technical Security - Vulnerability Assessment

We are seeking a highly skilled and motivated Technical Security Professional specializing in

Vulnerability Assessment and Penetration Testing (VAPT), Source Code Review, API Security, and

Web Application Security. As a member of our team, you will be responsible for ensuring the

security and integrity of our systems, applications, and networks.

 Conduct comprehensive Vulnerability Assessments and Penetration Tests (VAPT) on various systems, networks, and applications to identify security weaknesses and potential vulnerabilities.

 Perform thorough Source Code Reviews to identify security flaws, coding errors, and vulnerabilities in web applications and software products.

 Assess and enhance API security by evaluating API designs, configurations, and

implementations for potential security risks and vulnerabilities.

 Evaluate and enhance the security posture of web applications by conducting thorough security assessments and implementing appropriate security controls.

 Develop and implement security testing methodologies, tools, and procedures to improve the efficiency and effectiveness of security testing activities.

 Provide technical expertise and guidance to development teams, system administrators, and other stakeholders on security best practices and mitigation strategies.

 Collaborate with cross-functional teams to remediate identified security vulnerabilities and implement security controls to mitigate risks.

 Stay updated on the latest security trends, vulnerabilities, and best practices to continuously improve the security posture of our systems and applications.

 Bachelor's degree in Computer Science, Information Security, or a related field. (Master'sdegree preferred)

 5 to 7 years of experience in conducting Vulnerability Assessments and Penetration Tests (VAPT) on enterprise systems, networks, and applications.

 4 to 7 years of experience in performing Source Code Reviews for web applications and software products.

 Proficiency in using industry-standard security testing tools such as Nessus, Metasploit, Burp Suite, etc.

 Strong understanding of web application security principles, common vulnerabilities (e.g.,OWASP Top 10), and mitigation techniques.

 Experience in assessing and enhancing API security, including authentication, authorization, encryption, and access control mechanisms.

 Knowledge of secure coding practices and common programming languages (e.g., Java, Python, C/C++, etc.).

 Knowledge of cloud security and devsecops processes.

 Excellent analytical and problem-solving skills with the ability to identify and mitigate

complex security risks and vulnerabilities.

 Strong communication and interpersonal skills with the ability to effectively collaborate with

cross-functional teams and stakeholders.

 Relevant security certifications such as CISSP, CEH, OSCP, etc., are preferred.