Description

Job Code : EWC - 1364

Required skills

  • Experienced in Web application penetration testing 
  • Experienced Mobile application penetration testing
  • Coding skills to test/simulate infiltration
  • Excellent knowledge of computer security and systems
  • Understanding of how vulnerabilities and security breaches can disrupt business
  • Good in troubleshooting and problem-solving skills
  • 5+ or more years conducting penetration testing using freeware and commercial tools like BurpSuite, security reviews, threat modeling, tracking findings. 
  • Hands on exp in the area of DAST, SAST, Code review, DevSecOps etc.
  • Conversant in at least one programming language such as Python or Java 
  • Familiar with typical web application vulnerabilities, especially OWASP top 10, understand the risk and principle of the vulnerabilities. 
  • Hands on skills to identify common vulnerabilities in real application, not just demo or lab. 
  • Understand how HTTP works. 
  • Basic ability to research, study and know how to solve simple technical issues 

Good to have skills

  • Ability to identify and exploit web vulnerabilities (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.) 
  • Ability to identify and exploit mobile vulnerabilities (API issues, insecure storage, memory corruption, deep links, etc.)
  • Create new testing methods to identify anomalies, vulnerabilities
  • Communication skills to collaborate with different teams, document execution report and share findings

Education

ANY GRADUATE