Application Security Testing Specialist

Overview :

We are seeking a highly experienced and motivated Application Security Testing Specialist to join our team in Pune. The ideal candidate will have a strong, hands-on background in a broad range of application security solutions, penetration testing, and integrating security controls into the CI/CD pipeline. You will play a crucial role in ensuring the security of our applications through robust testing, infrastructure setup, and process implementation.

Key Responsibilities :

Application Security Testing & Analysis :

- Perform penetration testing, vulnerability analysis, and security assessments on various applications (web, mobile, API, etc.).

- Demonstrate strong hands-on experience utilizing and managing various Application Security solutions, including :

1. SAST (Static Application Security Testing)

2. SCA (Software Composition Analysis)

3. IAST (Interactive Application Security Testing)

4. DAST (Dynamic Application Security Testing)

5. API Security Testing

- Analyze and interpret the results from security tests, prioritize findings, and work with development teams to ensure timely remediation.

Security Integration & Infrastructure :

- Design, implement, and maintain security controls and checks within the CI/CD pipeline (DevSecOps).

- Provide technical expertise in the infrastructure setup, configuration, and maintenance of Application Security and Penetration Testing tools.

- Automate security testing processes where possible to enhance efficiency and coverage.

Project Management & Strategy :

- Utilize a strong understanding and experience with project planning and execution for security initiatives.

- Manage the application on-boarding or service adoption process for new security tools and services.

- Work within an Agile delivery framework, collaborating closely with development, operations, and product teams.

- Effectively manage conflicting stakeholder needs and challenge existing practices to ensure optimal security outcomes.

Required Skills & Experience (Primary) :

- Experience : 5+ years of dedicated experience in Application Security Testing or a similar security role.

- Core Security Tools : Hands-on expertise with a variety of Application Security solutions (SAST, SCA, IAST, DAST, API testing).

- Security Assessments : Proven hands-on experience in Penetration Testing and vulnerability analysis.

- DevSecOps : Deep understanding and hands-on experience implementing security controls and gates within CI/CD pipelines (e.g., Jenkins, GitLab CI, Azure DevOps).

- Tool Management : Technical experience in infrastructure setup, deployment, and operational maintenance for Application Security and Penetration Testing tools.

- Methodology : Strong understanding and experience with project management, agile delivery, and successful application or service adoption processes.

Desired Skills (Secondary) :

- Cloud Security : Very good knowledge of the Azure cloud ecosystem and its native security capabilities.

- Technical Foundations : Good knowledge of networking principles, operating systems (Linux/Windows), and scripting (e.g., Python, PowerShell, Bash).

- Version Control : Basic knowledge of version control systems (e.g., Git).

- Communication : Excellent technical communication and documentation skills, with the ability to clearly articulate complex security issues to both technical and non-technical audiences.

- Mindset : Inquisitive, proactive, and able to effectively challenge security decisions and practices.