Job
Description
Job Summary We are looking for an Application Security Analyst with 2-3 years of experience in IT and security to strengthen our security team. The ideal candidate will focus on securing web and mobile applications (Android/iOS) by conducting penetration testing, vulnerability assessments, API security reviews, and ensuring compliance with security best Responsibilities Security & Penetration Testing : Conduct security assessments for web, mobile (Android/iOS), and APIs. Identify, exploit, and remediate OWASP Top 10 vulnerabilities. Perform manual and automated security testing to uncover security risks. Conduct secure code reviews to detect application security Security (Android & iOS) : Perform static and dynamic analysis of Android/iOS applications. Identify security risks such as insecure data storage, API vulnerabilities, and jailbreak/root detection bypass. Utilize tools like MobSF, Frida, Burp Suite, Objection, Drozer, Jadx, and apktool. Validate applications against OWASP Mobile Top 10 security Security & Secure Development : Perform API penetration testing using Burp Suite, Postman, OWASP ZAP. Identify critical vulnerabilities such as Broken Authentication, Excessive Data Exposure, and IDOR. Collaborate with developers to implement secure coding practices and remediation Management & Compliance : Conduct vulnerability assessments using tools like Nessus, Acunetix, Nexpose, Rapid7, and Qualys. Ensure compliance with ISO 27001, SOC2, GDPR, and other regulatory frameworks. Work closely with development teams to remediate security Skills & Qualifications : Bachelors degree in Computer Science, Information Security, or a related IT field. 2-3 years of experience in IT, with at least 1-2 years focused on Application Security & Penetration Testing. Strong understanding of OWASP Top 10 (Web & Mobile) vulnerabilities. Hands-on experience with security tools such as Burp Suite, MobSF, Frida, Objection, Drozer, Jadx, apktool. Proficiency in secure code review (Java, Swift, Kotlin, JavaScript). Expertise in API Security Testing and secure development best practices. Strong analytical, problem-solving, and communication Qualifications : Security certifications such as OSCP, CEH, eJPT, OSWE, GMOB (preferred). Experience with bug bounty programs or responsible disclosure & Benefits : Competitive salary based on experience. Career growth opportunities in Application Security & Ethical Hacking. Health & wellness benefits. Access to continuous learning, certifications, and security training programs. (ref:hirist.tech) Show more Show less
