Penetration Tester

Role : Application Security Engineer (PEN Testing / Penetration Testing)

Location :GURGAON, India

Experience : 3 Years to 7 Years

Notice Period : Immediate to 30 Days

In this mission critical role as an Application Security Engineer, you will be part of a dynamic global application security team, working directly with software architects and software engineers to perform penetration testing on software solutions developed within the company. In addition, youll collaborate with engineering to triage security findings and review remediation techniques in order to harden and improve the security of NCR Voyix software across multiple types of products.

With NCR Voyix as a software-focused company, youll work in a fast-paced environment, helping enable teams to work in a DevSecOps model in a world of containers, automated pipelines, and rapid deployments. And youll be instrumental in helping teams add in security testing as part of their build and release pipelines. NCR Voyix produces hardware and software for major companies in Retail, Restaurants, and Digital Banking – come help secure the state-of-the-art!

Responsibilities:

• Conducting manual penetration tests of NCR Voyix software
• Assessing risk level of security findings using standard methodologies
• Running automated application security tools
• Writing and presenting pen test reports to development teams
• Consulting with development teams on remediation techniques and defensive coding
• Validation testing to confirm findings are closed
• Develop, integrate, and enable security engineering test automation into a CI/CD pipeline
• Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes

Required skills and experience:

• Bachelor’s Degree in Computer Science or related field - equivalent work experience ok
• At least 2 years of experience of Application pen testing background
• Web application test experience
• Web services/API test experience
• Mobile application test experience (iOS and Android)
• Soft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.)

Preferred Skills and Experience:

• Experience with automation of security testing as part of a CI/CD pipeline
• Experience with retail, banking, and/or restaurant software, particularly the types of vulnerabilities and security testing associated with them.
• Previous hardware/POS pen test experience
• Active participation in cybersecurity forums/conferences, e.g. DEFCON, Black Hat.
• Experience with privacy requirements of a global corporation (e.g. GDPR, CCPA)
• Security industry certifications, e.g. CEH