Security Analyst - API Security

Lennox India Technology Centre (LITC)

3 - 8 years

10 - 15 Lacs

chennai

Posted:None| Platform:

Apply

Skills Required

dast offensive security api testing red teaming

Work Mode

Work from Office

Job Type

Full Time

Job Description

Role & responsibilities

Perform Dynamic Application Security Testing (DAST) on APIs and web applications using both manual and automated methods.
Analyze DAST scan results, identify and prioritize vulnerabilities based on risk.
Participate in triage sessions with application teams to explain and document vulnerabilities.
Conduct deep API security testing (REST, SOAP, GraphQL) to uncover issues like BOLA, logic flaws, and abuse scenarios.
Perform red teaming, adversary emulation, and use offensive security tools (if applicable).
Craft custom exploit chains and adaptive payloads to validate vulnerabilities (e.g., deserialization, command injection, broken access control).
Maintain and improve custom testing scripts, payload repositories, and test cases.
Conduct Static Application Security Testing (SAST) as needed and understand differences from DAST.
Use and maintain various security tools (e.g., Burp Suite, NetSparker, Checkmarx, Veracode, Fortify).
Collaborate with developers, DevOps, and security teams to address identified vulnerabilities.
Communicate security findings effectively to both technical and non-technical audiences.
Maintain thorough documentation of security tests, findings, and remediation efforts.
Contribute to improving security testing processes and strategies.

Preferred candidate profile

Experience:
57 years in Web Application Security Testing, including DAST, SAST, and API Security.
Strong knowledge of API security principles and common vulnerabilities.
Proficiency in Kali Linux penetration testing tools like SQLMAP, Dirbuster, etc.
Working knowledge of HTML and JavaScript.
Added advantage: Proficiency in front-end (e.g., .NET, Java) and back-end technologies (e.g., Oracle).
Exposure to common web vulnerabilities such as SQL Injection, XSS, CSRF; experience in bug bounty programs is a plus.
Experience in security testing of mobile apps and IoT applications is a bonus.
Familiarity with security testing tools:

DAST tools:
Burp Suite, NetSparker
SAST tools:
Checkmarx, Veracode, Fortify

Strong analytical and problem-solving skills.
Excellent written and verbal communication skills.
Security certifications (Offensive Security, SANS, CREST, etc.) focused on web application security are a strong plus

More Jobs at Lennox India Technology Centre (LITC)

Specialist - Java Full Stack

Chennai

8.0 - 13.0 yrs

INR 20 - 27 Lacs

Senior Analyst - ERP

Chennai

5.0 - 8.0 yrs

INR 7 - 10 Lacs

Sap SD Functional Consultant

Chennai

7.0 - 10.0 yrs

INR 15 - 18 Lacs

Senior Analyst IT Risk &Compliance

Chennai

7.0 - 10.0 yrs

INR 20 - 22 Lacs

SAP EHS Functional Consultant

Chennai

10.0 - 15.0 yrs

INR 35 - 45 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.