Job Description

:
Work experience
4 to 8 years of postqualification experience with strong working knowledge on Manual Security code review
Roles responsibilities
Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities web applications internal applications APIs internal and external networks and mobile applications
Perform manual security code review against common programming languages Java CSharp
Perform automated testing of running applications and static code SAST DAST
Experience in one or more of the following a plus AI pen testing
Need to work on application tools to perform security tests AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux
Able to explain IDOR Second Order SQL Injection CSRF Vulnerability Root cause Remediation
Educational qualifications
Masters preferably in computer science or MCA andor BE B Tech from a reputed University
Mandatory technical functional skills
Strong knowledge on manual secure code review against common programming languages Java C
Minimum three 3 years of recent experience working with application tools to perform security tests AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux or equivalent
Minimum three 3 years of performing manual penetration testing and code review against web apps mobile apps and APIs
Minimum three 3 years of working with technical and nontechnical audiences in reporting results and lead remediation conversations
Preferred one year of experience in development of web applications andor APIs
should be able to identify and work with new tools technologies to plug and play on client projects as needed to solve the problem at hand
One or more major ethical hacking certifications not required but preferred GWAPT CREST OSCP OSWE OSWA
Proposed designation Consultant
Role type Individual contributor
Working location BangalorePune
Work timings 12 PM to 9 PM
Skills:
Mandatory Skills : Estimation,Application Security - Microfocus Fortify-SCA and SAST,Application Security - Microfocus Fortify DAST,Network PT,Attack Surface Management,Breach Attack Simulation,Red Teaming,Mobile Security - MAST Tool Implementation/ Dynamic Analysis (Penetration Testing)/ Static Analysis (Static Code Analysis)/ Remediation Advisory/ Tool Selection,Architectural diagrams,Application Security - Black Duck/ Sonartype IQ,Application Security - Burp Suite,Application Security - Checkmarx/ Synopsys / Veracode,Application Security - Rapid 7 (InsightAppSec),Application Security (application security framework/ threat modelling/ Secure SDLC/ DevSecOps/Application Security Architecture Review),Application Security DAST & Penetration Testing - review/ Implementation/ Scanning/ Secure Code Review/ OWASP/ Remediation Advisor/ Secure SDLC,Application Security SAST & SCA Tool - review/ Implementation/ Scanning/ Secure Code Review/ OWASP/ Remediation Advisory/ Secure SDLC,Application Security SAST and IAST - CheckMarx,Architecture Assessment,Architecture Governance,Capacity Planning,Compliance Evaluation,Cost Benefit Analysis Method,Devsecops /Appsec Automation / Appsec Maturity Program,DevSecOps automation - Jenkins, Ansible. Terraform, GitLab,Infra Vulnerability Management - Qualys,Infra Vulnerability Management - Rapid 7,Infra Vulnerability Management - Tenable IO,Infra Vulnerability Management - Tenable Nessus, SC, CS,Infra Vulnerability management/Triaging/ Remdiation Advisory / ServiceNow /ITSM /CMDB,Metasploit,Red Teaming - FireCompass,BaS - Cymulate,PT - Horizon3,PT - VA/ Discovery/ Enumeration/ Reconnaisance/ Scanning/ Manual/ Exploitation/ Analysis/ Reporting/ Zero Day/ corrective action/ Strategy,PT - Network PT/ Red Teaming (Internal and External)/ Attack surface management/ /Breach Attack Simulation/Mitre Attack - Discovery/ Enumeration/ Reconnaisance/ Scanning/ Manual/ Exploitation/ Analysis/ Reporting/ Zero Day/ corrective action/ Strategy,Application Security - Microfocus Fortify
About Company:
LTIMindtree is a global technology consulting and digital solutions company that enables enterprises across industries to reimagine business models, accelerate innovation, and maximize growth by harnessing digital technologies. As a digital transformation partner to more than 700 clients, LTIMindtree brings extensive domain and technology expertise to help drive superior competitive differentiation, customer experiences, and business outcomes in a converging world. Powered by 83,000+ talented and entrepreneurial professionals across more than 40 countries, LTIMindtree -- a Larsen & Toubro Group company -- solves the most complex business challenges and delivers transformation at scale. For more information, please visit https://www.ltimindtree.com/.

Skills Required