Sr Information Security Analyst @ BCD Travel

Job Description

Hands on Experience with Mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, IDA etc. Experience in iOS and Android application pen testing Someone who can carry out application penetration tests (web as well as mobile) Performing security testing over APIs Ability to write scripts/tools to assist in testing Experience in different types of penetration testing - Black box, Grey box and White box Demonstrated experience with common penetration testing and vulnerability assessment tools (open source and commercial) such as nmap, Wireshark, Kali Linux OS, Metasploit, Burp Suite, Open VAS, OWSAP ZAP, Accunetix, Nikto, Nessus, sqlmap Intermediate knowledge of a programming languages such Java, JavaScript and SQL. Intermediate knowledge of Web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX Intermediate knowledge of application security mechanisms such as authentication and authorization. techniques, data validation, and the proper use of encryption Support development teams with the implementation and running of penetration tests as per Secure SDLC Go beyond conventional checklists to create new ones fine-tuned to Airtel specific needs Experience with assessment development implementation integration optimization and documentation of a comprehensive and broad set of security technologies and processes within SaaS, IaaS, PaaS environments Manage data and infrastructure security through the use of firewall, antivirus, WAF, DLP and IPS solutions Proactively research and recommend infrastructure optimization and enhancements

Employement Category:

Employement Type: Full time
Industry: Others
Role Category: Others
Functional Area: Not Applicable
Role/Responsibilies: Sr Information Security Analyst

+ View Contact

Keyskills:   Mobile application testing iOS Android Penetration testing Security testing APIs Scripting Programming languages Web technologies Secure SDLC Assessment development Infrastructure security Firewall Antivirus DLP Penetration testing tools Vulnerability assessment tools Application security mechanisms WAF IPS