Penetration Testing

Strong experience in overall software security planning, testing (scan and penetration test), troubleshooting and documentation

Experience in working with either commercial tools like Nessus, Tenable, Burp Suite, Wireshark or various opensource tools like xRay and Trivy.

Should have experience in setting up, executing and reviewing vulnerability scan reports, providing recommendations and fixing those vulnerabilities

Should have solid knowledge of current security threads, like OWASP Top 10 and risk assessment and mitigation methodology

Coding experience in either of the following languages: Java, Python, or Node.JS

Familiar with GitLab Ci/CD pipelines and automation

Experience in applying latest OS (CentOS, Linux) and 3rd party application patches

Should be aware of Software Development Lifecycle.

Develop and maintain vulnerability and penetration test plans

Understands QA metrics to reflect true picture of the environment

Should be able to train and guide junior team members

Coordinate with application developers, IT team and management to demonstrate security related alerts

Should be able to share estimates for assigned tasks

Develop relationship with key stakeholders and business partners

Experience on interface testing and protocols like TCP, HTTP/HTTP2 is desirable