Greetings!
We have an urgent requirement for the role given below. Please revert to me with your updated resume if you are available and interested.
Hi Team,
Please share profiles ASAP:
Role : Application Security
Location : Goodlettsville, TN
Duration : 6 Months
Responsibilities:
· Conduct security testing of web/mobile applications and web services/APIs, including source code security analysis (SAST) and dynamic (DAST) testing using a combination of commercial, open-source tools, and manual testing methods
· Perform security reviews of network infrastructure and endpoints hosted within the internal network as well as SaaS environments
· Adhere to best practice frameworks (e.g. OWASP)
· Use threat modelling tools to explore potential application, network, and infrastructure security-related threats
· Deliver timely and accurate security testing results to both technical and non-technical audiences
· Track and follow up on remediation of identified security risks
· Act as liaison between application security teams, development teams, business units and vendors
· Provide subject matter expertise in security best practices and standards to ensure compliance with company security standards.
· Work closely with business units to determine work estimates and scope
· Propose and implement ideas to enhance and automate security-related processes
· Stay current on emerging technologies, products, and trends related to security solutions and testing techniques
Technical Qualifications:
· 3-5 Years Combined Experience in 2 or More of the Following:
· Web Application Security Testing
· Mobile Application Security Testing
· API Security Testing
· Network Penetration Testing
· Source Code Security Analysis
Strong, Hands-on Experience with Security Testing Tools such as:
· DAST (e.g. Fortify WebInspect, Fortify WebInspect Enterprise, IBM AppScan)
· SAST (e.g. Fortify SCA, Checkmarx CxSAST)
· Development Collaboration Platforms (e.g. Fortify SSC, Gitlab, Jira)
· Web Proxy Tools (e.g. BurpSuite Professional / BurpSuite Enterprise, OWASP ZAP)
· Open-Source Testing Tools (e.g. Nmap, OpenSSL, Metasploit, SQLMap)
Understanding of Network/Server Technologies such as:
· Firewalls (Network, Host, and Web Application)
· Cloud Hosting
· Containerization
· DNS, Routing, and other Common Networking Principles
· Directory Services / Active Directory
· Web Server Platforms (IIS / Tomcat)
· API / Web Services
· PKI / Web Certificates
· Familiarity with Compiled/Scripting Languages (e.g. C#, JavaScript, Python, Java, Swift, Kotlin)
Additional Qualifications
· Strong, effective written and oral communication skills
· Ability to clearly communicate pragmatic security risk and remediation recommendations to technical (e.g. developers) and non-technical audiences
· Ability to work independently with minimal supervision
Preferred:
· College degree in relevant fields or equivalent professional experience
· Software development background
· Active certification preferred (e.g. OSCP, OSWE, CSSLP, CISSP)
Thanks & Regards
Harshit