This job ad has been posted over 30 days ago...



Application Security Testing Full-time

at Toorid Networks Pvt. Ltd. in Noida (Published at 20-06-2014)

The candidate will:
1. Perform and lead assessments across all Corporate IT operations and services performing application security audits.
2. Conduct threat modelling and design reviews during the design phases of the development life cycle.
3. Summarize and document results of testing for management reporting including proper disposition of test exceptions.
4. Cultivate working relationships with various IT and Business groups acting in a consultative capacity for various projects by helping them understand security vulnerabilities.
5. Identify application security risks and requirements for new projects and system developments.
6. Develop security test plans and integrate into the software development life cycle.
7. Perform/oversee security testing and manage remediation of identified vulnerabilities
8. Monitor and proactively report on current threats and vulnerabilities to application security.
9. Deliver application Security Training and awareness sessions.


Must Have

1. 2‐3 years of Application Security assessment experience.
2. Bachelor or Master's Degree in Information Systems, Computer Science, Information Technology.
3. Knowledge of common IT technologies (OS, databases, network devices, applications)
4. Experience with implementing and auditing controls from industry and regulatory frameworks and standards (e.g., NIST, ISO, PCI‐DSS, OWASP, etc.).
5. Automation and Manual Code review Experience.
6. Application Penetration Testing experience.
7. Experience on both commercial and open source tools ( Burpsuite, metasploit, Checkmarx, Whitehat Sentinel, AppScan, WebInspect, Fortify, Paros,Nessus, nmap, wikto, nikto sqlmap)
8. Hands on experience in Dynamic security testing.
9. Understanding of OWASP top 10 and mitigation techniques.
10. Strong project management skills and ability to multi‐task.
11. Highly motivated and proactive.
12. Detail oriented, analytical and essential a team‐player.
13. Strong communications skills to be able to interact with technical and non‐technical colleagues.
14. Certification such as CEH, ECSA, OSCP, ISO27001.


Note: Applications have been closed.

Viewed: 1173 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend