Penetration Tester

Qualifications:

• Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education,
• Minimum 4 years of experience in Web Application Penetration testing,
• Knowledge of various web application architectures,
• Core experience and profound knowledge in web application and infrastructure security testing,
• Strong understanding and hands on experience on application and infrastructure vulnerabilities, automated/manual testing, auditing and remediation techniques,
• Strong Understanding of OWASP, WASC 2.0 Threats classification,
• Experience with standard security tools such as MetaSploit, SQLMap, Acunetix, AppScan, Skipfish, etc.
• Understanding of TCP/IP networking, HTTP protocols and their uses,
• Experience with network penetration test tools such as Nessus, Qualys, nmap etc.,
• Experience with establishing penetration testing procedures and processes,
• Strong written and verbal communication skills with the ability to interpret and fully explain the programming impact of vulnerabilities as well as any recommended remediation,
• Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude.
• Understanding of server and client side application development,

• Experience with performing code review, wireless and firewall assessments,
• Programming background (C++, Perl, Python, Shell ) for tool and exploit development,
• Technical knowledge in network security products, cryptographic suites and network/application firewalls,
• Experience in evasion techniques to bypass firewalls, and intrusion detection,
• Experience with mobile application and operating system testing,
• Knowledge in scripting (any language) and experience in automation scripts for application security testing,
• Hands on experience in security testing of Web service, Mobile applications, APIs etc.,
• Knowledge in Application Architecture Review, Threat modeling concepts,
• Testing automation is a plus.