Lead Info Security Engineer

Principal Global Services

7 - 9 years

11 - 16 Lacs

hyderabad

Posted:-1 days ago| Platform:

Apply

Skills Required

security management testing tools enterprise applications owasp security testing vulnerability web application security python penetration testing wireshark

Work Mode

Work from Office

Job Type

Full Time

Job Description

Responsibilities Experience in conducting manual Vulnerability Assessments Penetration Testing of the following: Web Applications and APIs hosted in on-premises infrastructure
Web Applications and APIs hosted in cloud environment and using AWS services such as S3 bucket, EC2 instances, Lambda functions, API Gateway, SNS etc
Thick Client/ Desktop Applications using re-engineering techniques via tools like Echo Mirage, IDAPro, CFF Explorer, Dnspy, MS sys-internals, Wireshark, dotpeek, ghidra
Think innovatively and out-of-the-box to identify techniques to exploit the vulnerabilities in our apps thereby bypassing the security controls that have been implemented
Should be able to generate impactful POC s of the vulnerabilities identified during the testing
Stay up to date with the latest application security vulnerabilities, and attack techniques and leverage those to identify similar vulns in the enterprise applications
Install, configure, use, and maintain the security tools that are being used for security testing of the applications
Meet with application team to collect information and determine scope of testing
Work closely with the application team to troubleshoot issues that impact testing (as required) Assess the risk levels of the identified vulnerabilities appropriately using CVSS scoring mechanism and do detailed documentation of the identified vulnerabilities, in a timely manner
Meet with the application teams to discuss the identified security vulnerabilities with them and provide guidance to the application teams to be able to remediate the identified security vulnerabilities
Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities
Excellent communication and documentation skills to be able to write reports, update existing documentation etc
Ability to work independently and as part of a team
Should be able to mentor, guide and help the peers and/ or junior team members to learn and use new attack techniques during the security testing
Qualifications 7-9 Years of experience in conducting security testing of Web Application, Web API, Thick Client apps, mobile apps, AWS services, ideally in Finance Domain
Experience in using Web/API testing tools - Burp Suite, Postman, OWASP ZAP etc
Hands-on experience in using toolset on Kali and use it for performing advanced security testing of apps Sound knowledge of common web application security vulnerabilities (OWASP Top Ten, SANS Top 25, etc) and programming patterns that lead to them, as well as remediation techniques
Experience in using Cloud posture security management tools such as Prisma, Wiz(preferred) etc Additional Information Sound Knowledge of Network Protocols
Basic programming abilities in Python or similar scripting language Mobile Applications (both iOS and Android) using tools like GenyMotion, Drozer, MobSF, Android Studio
Having an AWS Cloud Practioner Certification or Any other cloud certification shall be helpful
Any other security related certification like C|EH, CPent etc

More Jobs at Principal Global Services

Analyst - Accounting

Hyderabad, Telangana, India

2 - 2 yrs

Salary: Not disclosed

Senior Software Engineer

Hyderabad, Telangana, India

4 - 6 yrs

Salary: Not disclosed

Lead Software Engineer

Pune

6 - 8 yrs

INR 25 - 30 Lacs

Software Engineer - Salesforce

Pune, Maharashtra, India

2 - 4 yrs

Salary: Not disclosed

Product Manager I

Pune, Maharashtra, India

2 - 2 yrs

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start Python Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.