Information Technology Security Ana...

We are seeking a skilled Security Testing / Application Security Engineer for our Hyderabad office, offering a hybrid work arrangement. This role demands strong expertise in OWASP, Vulnerability Assessment and Penetration Testing (VAPT), and application security. The ideal candidate will possess practical experience in securing Web, Mobile, Network, and Infrastructure environments, with a foundational understanding of DevSecOps principles.

Roles & Responsibilities:

• Conduct comprehensive Vulnerability Assessment and Penetration Testing (VAPT) across Web Applications, Mobile Applications, Networks, and Infrastructure.
• Perform Web Application Penetration Testing, adhering to OWASP Top 10 guidelines.
• Execute Mobile Application Security Testing for both Android and iOS platforms.
• Manage and utilize SAST, DAST, and SCA tools for security assessments.
• Identify, analyze, and validate security vulnerabilities, providing actionable remediation recommendations.
• Integrate security testing methodologies into CI/CD pipelines within DevSecOps frameworks.
• Undertake Network and Infrastructure Security assessments, including configuration reviews and penetration tests.
• Collaborate closely with development and DevOps teams to embed secure design and deployment practices.
• Generate detailed security assessment and VAPT reports, including risk ratings and mitigation strategies.

Required Skills & Experience:

• In-depth knowledge of OWASP Top 10 vulnerabilities.
• Hands-on experience with Vulnerability & Penetration Testing (VAPT).
• Proven experience in Web Application and Mobile Application Security Testing.
• Practical exposure to SAST, DAST, and SCA tools.
• Understanding of DevSecOps concepts and secure CI/CD practices.
• Experience in Network Security and Infrastructure Security.
• Familiarity with industry-standard security tools such as Burp Suite, OWASP ZAP, Nessus, Qualys, Metasploit, etc.