Senior Information Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Key Responsibilities:
-
Perform web application API and mobile application penetration testing using industry-leading methodologies (OWASP PTES etc.).
-
Conduct network penetration testing and infrastructure security assessments.
-
Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements document findings and recommend remediations.
-
Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.
-
Develop enhance and maintain security testing frameworks and tools.
-
Review and validate security patches mitigations and fixes.
-
Stay updated on the latest attack techniques exploits and threat landscapes to enhance testing methodologies.
-
Collaborate with cross-functional teams to support security awareness and risk reduction efforts.
Required Skills & Qualifications:
-
46 years of experience in Information Security with a focus on application and network penetration testing.
-
Hands-on experience with tools like Burp Suite OWASP ZAP Metasploit Nmap Nessus and other manual testing tools.
-
Deep understanding of OWASP Top 10 SANS Top 25 and common exploitation techniques.
-
Experience in secure SDLC practices and working with development teams to resolve findings.
-
Strong knowledge of mobile application security (iOS and Android) and API testing methodologies.
-
Excellent report writing and communication skills for both technical and non-technical stakeholders.
Preferred Certifications (1 or more):
-
OSCP (Offensive Security Certified Professional)
-
OSWE (Offensive Security Web Expert)
-
eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)
-
PNPT (Practical Network Penetration Tester)
-
HTB CPTS (Certified Penetration Testing Specialist)
Employment Type
Full Time
