Security Researcher Full-time

at Appknox in Banglore (Published at 10-02-2020)

Appknox is a mobile application security suite used by enterprises to secure their mobile applications. Working with fortune 100 companies and also with new-age technologies. We are the highest rated company in Gartner and have #1 SAST and #2 DAST platform as per G2crowd.

We are looking for security researchers who can work in a fast-paced environment. If you have what it takes to be part of one of the fastest-growing and youngest security company then please apply.

Below is the expectation from anyone who would be joining Appknox -
Long term objective
● Security Researcher and analyst proficient in Black box penetration testing
and security assessment in Web and Mobile Applications.
● Must have a solid understanding of the basics of application security to be
able to innovate and identify new attack vectors and methodologies.
● Must be passionate about security to be able to perform research into the
various aspects of the cybersecurity industry.

First Month
● Understanding how mobile applications are built, and the difference in the
architectures of various mobile platforms.
● Get familiar with mobile application security tools
● Under the guidance of the security researcher assigned to them must be able to complete one android and one ios application scan.
● Familiarize themselves with the various teams within Appknox and their role as a Security Researcher within the company.

Second & Third Month
● Must be able to proficiently work on Web and Mobile Applications.
● Must be comfortable in profiling an application, identifying threats, and
developing test cases.
● Familiarity with at least one software programming language and framework

Six Months
● Practical experience in a mobile application (android / iOS), web and cloud security assessment
● Exposure to API security testing
● Experience conducting a secure code review
● We should be able to identify at least one topic of research and document the results of the above mentioned Research.
● Write in-house tools and automated scripts

Technical Skills:

● Basics of Information Security
● Knowledge of OWASP Top 10 for mobile and web applications
● Experience of application security architecture, code review, reverse engineering of apps
● Knowledge to perform iOS & Android Apps Security Testing (Static, Dynamic & API level Analysis)
● Knowledge and experience of rooting/jailbreaking Android/iOS
● Knowledge of Android/iOS/Windows forensics
● Understanding of common vulnerabilities in web and mobile applications
● Knowledge of security engineering, system and network security, authentication and security protocols, cryptography
● Should have hands-on experience with at least one programming/scripting language from PHP, Python, Frida, Java-scripting, Perl, C#, ASP .Net, Java, Ruby
● Should be able to write in-house tools and automated scripts

Extras (not necessary, but good to have):

● Knowledge about PCI DSS, HIPAA compliances
● Excellent client relationship skills
● Excellent communication and report writing skills
● Part of the bug bounty platforms & CTFs
● Publications in security conferences
● Certifications related to information security fields

Recent jobs at Appknox

Viewed: 464 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend