Security Tester

2 weeks ago

Siliguri, West Bengal, India WTW Full time

The Role

  • Creates security test approach and strategy from system requirements and design/ product documents.
  • Research, POC and implement new security testing tools, procedures and processes
  • Analyze development enhancements, identify appropriate security testing coverage and adapt using automated security testing tools.
  • Test environment and data set up of security testing.
  • Perform on going release validation security testing, identify security defects and analyze root cause.
  • Responsible for creating and maintaining test evidence.
  • Plan, prepare and facilitate annual 3 rd party vulnerability analysis to ensure industry compliance.
  • Must be able to take on leadership responsibilities and influence the direction of the security testing effort, its schedule and prioritization.
  • Research and document detect reports following agreed-upon processes immediately upon discovery of a security defect

The Requirements

  • BE, BTech or MCA with minimum 4-5 years of experience in security testing field
  • Good understanding of Web & Mobile application development and related technologies such as REST, Java Script, HTML5, AJAX, Microservice, Angular etc.
  • 3 + years of hands-on experience in DAST scanning tool like IBM AppScan, Qualys, Netsparker, Acunetix etc. is a must
  • Hands- on experience in penetration testing using tool like Burp Suite/OWASP ZAP is a must
  • Hands on experience with Mobile application/web application security testing beneficial.
  • Well versed with secure coding practices and OWASP guidelines.
  • Knowledge of SAST scanning tool like Checkmarx, Fortify etc. will be an added advantage.
  • Experience with Kali Linux will be an added advantage.
  • Experience of using Android emulator like Genymotion will be an added advantage.
  • Working experience with Source/Version control systems (eg: Git)
  • Good understanding of network protocols, design and operations
  • Working knowledge of Security principles, techniques and technologies
  • Experience in Agile development methodologies preferable.
  • Experience in employee benefits, insurance, finance or healthcare helpful
  • Experience in tool like Tenable Security/wiz will be an added advantage

Soft skills/Behavioural skills:

  • Commitment - Should pull the team forward during trying times. Should have a positive attitude.
  • Teamwork and collaboration - Can switch based on situations as sometimes being a leader, sometimes being a good follower, monitoring the progress, meeting deadlines and working with others across the organization to achieve a common goal.
  • Adaptability - Should have a passion for learning and the ability to continue to grow and stretch the skills to adapt to the changing needs of the organization.
  • Problem solving - Should has a urge to resolve problem himself rather than delegating.
  • Resource Management - Need to know how to efficiently use the resources for the betterment of the assignments leading. Should have a good ability to effectively communicate and interact with other individuals on the team and all key stakeholders