Application Security

Description

4 to 7 years of

experience on cyber security testing

Experience on defining Security Testing Strategy, identify tools and

technologies and implementing it

Experience working on Cloud environment and validating cloud security

architecture (AWS/ Azure/ GCP)

Experience on performing penetration testing on web, mobile and APIs

Experience on setting up SAST (Static Application Security Testing), SCA

(Software Composition Analysis) and DAST (Dynamic Application Security

Testing) solutions as part of DevSecOps

Experience on performing SAST, SCA and DAST scans using different toolsets

(SAST - Veracode/CheckMarx/Fortify/SonarQube, DAST- BurpSuite, ZAP, Nexploit,

Acunetix, SCA - OWASP Dependency Check, CheckMarx, Veracode, Black

Duck)

Experience on conducting false positive and false negative analysis as part

of SAST, DAST and SCA

Good knowledge on Cloud Security testing tools like Prisma Cloud and

security risk intelligence tools like Nexpose

Experience on ISO 27001, GDPR, PCI DSS compliance testing

Experience on working closely with development team and the InfoSec team

for implementing cyber security solution

Strong knowledge on one of the programming languages (Java/C#/Python)

Good knowledge on frameworks (Angular/React/ Node/Spring/ Spring

Boot)

Experience on identifying cyber security requirements by working closely with

the InfoSec team

The Cloud certifications like AWS Certified Security - Speciality/Azure

AZ-500 or other security certifications like OSCP, OSCE, CREST, CISSP is good

to have

Strong knowledge on containerization and orchestration tools like Docker,

Kubernetes, Rancher

String knowledge on one of the infrastructure-as-code tools - Terraform,

Chef, Ansible.

3 must haves

Mobile Security Testing 4/5

Checkmarx. Web inspect 3/5

**Requirements**:
4 to 7 years of

experience on cyber security testing

Experience on defining Security Testing Strategy, identify tools and

technologies and implementing it

Experience working on Cloud environment and validating cloud security

architecture (AWS/ Azure/ GCP)

Experience on performing penetration testing on web, mobile and APIs

Experience on setting up SAST (Static Application Security Testing), SCA

(Software Composition Analysis) and DAST (Dynamic Application Security

Testing) solutions as part of DevSecOps

Experience on performing SAST, SCA and DAST scans using different toolsets

(SAST - Veracode/CheckMarx/Fortify/SonarQube, DAST- BurpSuite, ZAP, Nexploit,

Acunetix, SCA - OWASP Dependency Check, CheckMarx, Veracode, Black

Duck)

Experience on conducting false positive and false negative analysis as part

of SAST, DAST and SCA

Good knowledge on Cloud Security testing tools like Prisma Cloud and

security risk intelligence tools like Nexpose

Experience on ISO 27001, GDPR, PCI DSS compliance testing

Experience on working closely with development team and the InfoSec team

for implementing cyber security solution

Strong knowledge on one of the programming languages (Java/C#/Python)

Good knowledge on frameworks (Angular/React/ Node/Spring/ Spring

Boot)

Experience on identifying cyber security requirements by working closely with

the InfoSec team

The Cloud certifications like AWS Certified Security - Speciality/Azure

AZ-500 or other security certifications like OSCP, OSCE, CREST, CISSP is good

to have

Strong knowledge on containerization and orchestration tools like Docker,

Kubernetes, Rancher

String knowledge on one of the infrastructure-as-code tools - Terraform,

Chef, Ansible.

3 must haves

Mobile Security Testing 4/5

Checkmarx. Web inspect 3/5

**Benefits**:
Why QAIT- A Qualitest company?

At QA InfoTech (a CMMi Level III and ISO certified company), we specialize in providing independent offshore software testing and unbiased software quality assurance services to product companies, ranging from the Fortune 500s to start-up companies.

We are one of the reputed outsourced QA Independent testing vendors with years of expertise helping clients across the globe.

Have continuous access to and work with Senior Testing Specialists and Practice Experts

Work with cutting edge technology in a company built by testers for testers, this is what we do

As a global company, we offer unique placement opportunities around the world

Our employees are the reason for our success, we constantly encourage career development and promote from within.

Intrigued to find more about us?