Web Application Security Consultant GoldenHire Consultancy

3.0 - 7.0 years

0 Lacs

pune, maharashtra

On-site

You will be responsible for performing automated testing of running applications and static code (SAST, DAST). Additionally, you will conduct manual application penetration tests on various platforms such as web applications, internal applications, APIs, internal and external networks, and mobile applications to identify and exploit vulnerabilities. Experience in mobile application testing, Web application pen testing, application architecture, and business logic analysis would be advantageous. You will need to utilize application tools like AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux to carry out security tests and should be capable of explaining concepts like IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, and Remediation. The mandatory technical and functional skills required for this role include a minimum of three (3) years of recent experience with application tools for security testing, manual penetration testing, and code review against web apps, mobile apps, and APIs. You should also have experience in working with both technical and non-technical audiences to report results and lead remediation conversations. It is preferred that you have at least one year of experience in developing web applications and/or APIs. Being able to adapt to new tools and technologies to address client project requirements efficiently is a key aspect of this role. While having major ethical hacking certifications like GWAPT, CREST, OSCP, OSWE, or OSWA is not mandatory, it would be considered advantageous.,

Posted 1 month ago

Apply

Web Penetration Tester Consultant Kezan Consulting

4.0 - 9.0 years

22 - 25 Lacs

Pune, Bengaluru

Hybrid

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Posted 2 months ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.