Job
Description
We are looking for a skilled Cyber Testing Senior Associate 1 to join our team in Bengaluru. The ideal candidate will have between 5 and 10 years of experience in cyber testing, with expertise in manual and automated testing. Roles and Responsibility Perform security assessments, including static and dynamic application security testing. Conduct manual penetration testing on web applications, network devices, and other systems. Collaborate with clients in a fast-paced environment across various technology stacks and services. Develop, enhance, and interpret security standards and guidance. Demonstrate and promote security best practices, including secure development and cloud security. Assist with the development of remediation recommendations for identified findings. Identify and clearly articulate (written and verbal) findings to senior management and clients. Help identify improvement opportunities for assigned clients. Stay up-to-date with the latest security trends, technologies, and best practices. Work effectively within a team, fostering collaboration and open communication to deliver successful outcomes. Supervise and provide engagement management for other staff working on assigned engagements. Job Requirements Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent work experience. Expertise in web security, with extensive knowledge of vulnerabilities and the ability to identify and exploit them effectively. Minimum 5 years of experience in code review, application security testing, or web application development. Excellent written and verbal communication skills. Strong scripting skills, such as Python, Ruby, or Perl. Experience with cloud platforms, such as AWS, and knowledge of cloud security best practices. Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, Javascript, JSON, REST, etc. Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices. Technical background in application development, networking/system administration, security testing, or related fields. Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques. Preferred but not required: one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist. Additional Info The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned with client requirements and deliverables.
