Application Security Tester

We are CirrusLabs . Our vision is to become the world's most sought-after niche digital transformation company that helps customers realize value through innovation. Our mission is to co-create success with our customers, partners and community. Our goal is to enable employees to dream, grow and make things happen. We are committed to excellence. We are a dependable partner organization that delivers on commitments. We strive to maintain integrity with our employees and customers. Every action we take is driven by value. The core of who we are is through our well-knit teams and employees. You are the core of a values driven organization.

You have an entrepreneurial spirit. You enjoy working as a part of well-knit teams. You value the team over the individual. You welcome diversity at work and within the greater community. You aren't afraid to take risks. You appreciate a growth path with your leadership team that journeys how you can grow inside and outside of the organization. You thrive upon continuing education programs that your company sponsors to strengthen your skills and for you to become a thought leader ahead of the industry curve

.

You are excited about creating change because your skills can help the greater good of every customer, industry and community. We are hiring a talented Application Security Tester (SAST & DAST) to join our team. If you're excited to be part of a winning team, CirrusLabs ( http://www.cirruslabs.io ) is a great place to grow your career.

Job Description:

Experience - 3 - 8 years

Location - Hyderabad/Bangaluru

- Need overall AppSec skills (SAST, DAST, Penetration testing) +Mobile app testing skills (Android, ioS). We should look for a candidate who has deep and diverse hands on exp in above skills. Also, The professional is expected to perform the application security activities - Static code assessment/ manual testing including mobile application testing for android and iOS apps.
- Understand and be compliant with the Service Level Agreements defined for the DevSecOps services; Understand and deep knowledge of application security engineering principles, and helping clients development team and function to follow secure development practices which includes primarily monitoring and performing the security design review, architecture review, threat modeling, security testing, secure code review, secure build processes;
- Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled during operations; Facilitate use of technology-based tools or methodologies to continuously improve the monitoring, management and reliability of the service; Perform manual and automated security assessment of the applications; Involved in triaging and defect tracking process with the development team and helping the team to fix issues at the code level based on the priority of the tickets; Be a liaison between the Application development and infrastructure team, and integrate the processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; Identifying, researching and analyzing application security events which may include emerging and existing persistent threats to the client's environment; and Performing active monitoring and tracking of application related threat actors and tactics, techniques and procedures (TTPs), that could likely cause an impact to client organization

---