Job Description
Hands on Experience with Mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, IDA etc. Experience in iOS and Android application pen testing Someone who can carry out application penetration tests (web as well as mobile) Performing security testing over APIs Ability to write scripts/tools to assist in testing Experience in different types of penetration testing - Black box, Grey box and White box Demonstrated experience with common penetration testing and vulnerability assessment tools (open source and commercial) such as nmap, Wireshark, Kali Linux OS, Metasploit, Burp Suite, Open VAS, OWSAP ZAP, Accunetix, Nikto, Nessus, sqlmap Intermediate knowledge of a programming languages such Java, JavaScript and SQL. Intermediate knowledge of Web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX Intermediate knowledge of application security mechanisms such as authentication and authorization. techniques, data validation, and the proper use of encryption Support development teams with the implementation and running of penetration tests as per Secure SDLC Go beyond conventional checklists to create new ones fine-tuned to Airtel specific needs Experience with assessment development implementation integration optimization and documentation of a comprehensive and broad set of security technologies and processes within SaaS, IaaS, PaaS environments Manage data and infrastructure security through the use of firewall, antivirus, WAF, DLP and IPS solutions Proactively research and recommend infrastructure optimization and enhancements
Employement Category:
Employement Type: Full time
Industry: Others
Role Category: Others
Functional Area: Not Applicable
Role/Responsibilies: Sr Information Security Analyst
Keyskills:
Mobile application testing
iOS
Android
Penetration testing
Security testing
APIs
Scripting
Programming languages
Web technologies
Secure SDLC
Assessment development
Infrastructure security
Firewall
Antivirus
DLP
Penetration testing tools
Vulnerability assessment tools
Application security mechanisms
WAF
IPS