Web Application Penetration Testing

Web Application Penetration Testing

This role has been designed as ‘’Onsite’ with an expectation that you will primarily work from an HPE office.

**Who We Are**:
In the HPE Hybrid Cloud**,** we lead the innovation agenda and technology roadmap for all of HPE. This includes managing the design, development, and product portfolio of our next-generation cloud platform, Green Lake. Working with customers, we help them reimagine their information technology needs to deliver a simple, consumable solution that helps them drive their business results. Join us redefine what’s next for you.

**What you’ll do**:

- Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed.
- Analyze security incidents and provide timely response and remediation actions to mitigate potential threats.
- Develop and maintain security documentation, including security requirements, design documents, and security testing reports.
- Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems.
- Stay up to date with emerging security threats and industry best practices and recommend security enhancements and controls accordingly.
- Provide security guidance and support to cross-functional teams, including developers, architects, and project managers.
- Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements.

**What you need to bring**:

- Bachelor's degree in computer science, Information Security, or a related field.
- Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk.
- Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code.
- Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices.
- Excellent analytical and problem-solving skills, with attention to detail.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
- Certifications such as CISSP, CEH, or CASE (Java), or equivalent.
- Demonstrated ability to work independently and prioritize tasks in a fast-paced environment.

Desired Skills:

- Experience with cloud security principles and practices, including secure configuration management and identity access management (IAM).
- Knowledge of containerization technologies (e.g., Docker, Kubernetes) and related security controls.
- Understanding of secure authentication mechanisms (e.g., OAuth, JWT) and encryption techniques.
- Participation in bug bounty programs, Capture the Flag (CTF) competitions, or open-source security projects.
- Experience with scripting languages (e.g., Bash, PowerShell) for automation of security tasks and processes.

Desired Skills and Qualifications:

- Bachelor’s degree in computer science, Information Technology, or related field.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration abilities.
- Proven ability to work effectively in a fast-paced environment.
- Continuous learning mindset to stay updated with evolving security threats and technologies.

**Additional Skills**:
Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Release Management, Security-First Mindset, User Experience (UX)

**What We Can Offer You**:
**Health & Wellbeing**

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

**Personal & Professional Development**

**Diversity, Inclusion & Belonging**

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

**Let's Stay Connected**:
india #hpeocto

**Job**:
Engineering
**Job Level**:
Intermediate

HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT and Affirmative Action employer. We are committed to diversity and building a team that represents a variety of backgrounds, perspectives, and skills. We do not discriminate and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global diverse team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity.

**Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities.**

HPE will comply with all applicable laws related to employer use of arrest and conv