Role: Application Security and Vulnerability Management Experts
Industry Type: IT Services & Consulting
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT Security
UG: Any Graduate
PG: Any Postgraduate
Educational Requirements- Master of Computer Science
- Post Graduate In Computer Science Application (PGDCSA)
- MCA
- Intergrated course BCA+MCA
- Bachelor Of Comp. Applications
- Bachelor of Comp. Sc. Engg.
- BCA
- Bachelor of Engineering
- Cyber Security
- SAST, DAST, Infra VM, Qualys, Nessus, Tenable, Red teaming, Purple teaming, vulnerability Management, Penetration testing
- Application Security
- Perform secure code reviews (manual automated) for applications written in languages like Java, Python, JavaScript, etc.
- Integrate security into CI/CD pipelines (DevSecOps practices).
- Conduct risk assessments, threat modeling, and security design reviews.
- Identify, analyze, and report vulnerabilities such as OWASP Top 10 issues.
- Work closely with development teams to remediate security flaws.
- Penetration Testing
- Conduct black-box, gray-box, and white-box penetration testing on:
- Web applications
- Mobile applications (Android/iOS)
- APIs and microservices
- Perform network and infrastructure security assessments when required.
- Use automated tools and manual techniques to discover vulnerabilities.
- Develop detailed penetration testing reports with risk ratings and remediation recommendations.
- Security Tools Technologies
- Utilize tools such as:
- Burp Suite, OWASP ZAP
- Nmap, Metasploit
- Nessus, Qualys
- SAST/DAST tools (e.g., Checkmarx, Veracode, Fortify)
- Create custom scripts for automation and testing (Python, Bash, etc.).
- Application Security
- Vulnerability Management
- Application Security->Vulnerability Assessment/Penetration Testing
- Application Security->Nessus
- Application Security->Vulnerability Management
- Application Security->Wireshark
- Application Security->Burpsuite
- Application Security->Threat Modeling
- Application Security-&Web Security
- Application Security->Application Risk Profiling
- Application Security-&Ethical Hacking(CEH)
- Application Security->Webservices Security
- Application Security->SSL(Secure Sockets Layer)
- Application Security->Devsecops
- Security testing->Vulnerability testing
- Technology->Application Security->Vulnerability Management->Rapid 7 Nexpose
- Technology->Application Security->Vulnerability Management->Qualys