Application Security Test Analyst

As a strong technical person in Security Testing role at Lexmark India, you will be responsible for conducting web application security assessments and penetration tests. Your tasks will involve assessing applications for issues related to Authentication, Authorization, User management, Session management, Data validation, and common attacks like SQL injection, Cross-site scripting, Command injection, etc. Additionally, you will evaluate the security aspects of Web Services design and implementation, including confidentiality, integrity, trust relationships, and authentication using security standards such as XML signatures, XML encryption, SAML, and WS-Security. Your role will also include thick client assessment, writing formal security assessment reports, participating in client conference calls, performing vulnerability and network penetration assessments, mobile applications security testing, publishing whitepapers, tools, and delivering presentations, as well as cloud application security testing. Key Responsibilities: - Conduct web application security assessments and penetration tests. - Assess applications for issues surrounding Authentication, Authorization, User management, Session management, Data validation, including common attacks like SQL injection, Cross-site scripting, Command injection, etc. - Evaluate the security aspects of Web Services design and implementation, including confidentiality, integrity, trust relationships, and authentication using security standards like XML signatures, XML encryption, SAML, and WS-Security. - Perform thick client assessment. - Write formal security assessment reports using Foundstone reporting format. - Participate in client conference calls for data gathering and technical issue advisory. - Conduct vulnerability and network penetration assessments. - Perform mobile applications security testing. - Publish whitepapers, tools, and deliver presentations. - Conduct cloud application security testing. Qualifications Required: - B.E./B.Tech. or higher from a reputed Engineering College/University. - 3 to 5 years of hands-on application security testing experience. - Prior experience in working in an agile/scrum environment. - Development experience will be a plus. Additional Details: Lexmark India, located in Kolkata, is one of the research and development centers of Lexmark International Inc. The diverse workforce collaborates their skills and ideas to build, deliver, and support first-class products and solutions for customers. If you possess knowledge of tools like Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Openssl, Mallory, Wireshark, mobile application development, web application development experience in languages like C#, Java, PHP, ASP.NET, scripting languages like Python, JavaScript, Ruby, SQL, reviewing code in C, C++, Java, PHP, C#, ASP.NET, Go, familiarity with automated source code analysis tools, and certifications such as OSCP or CEH, along with working knowledge of version control software like git and Subversion, and can demonstrate Lexmark core values, then you are encouraged to apply for this role and make your mark with a global technology leader.,