Security Test Analyst - 4-6yrs - Pune



Application Security/Penetration Testing


• As an application security SME, be part of the Security Testing Center-of-Excellence (CoE) group and be responsible for the CoE-driven initiatives on application security

• Perform application vulnerability scans and code reviews using web scanners, database scanners and static code analyzers

• Carry out application security training for different testing teams

• Under moderate supervision, manage application security testing projects (small/medium) along with their risks and dependencies

• Act as a Subject Matter Expert (SME) on application security, with technical hands-on experience




• Around 3 to 5 years of application security experience, inclusive of working in large projects and teams

• Strong familiarity with core application security testing principles, with a research-oriented mindset

• Good working knowledge of application exploitations and their remedies (e.g. Cross Site Scripting, SQL injection attacks, and buffer overflow)

• Thorough understanding of application architecture and the various application tier and database tier components (e.g. schemas, database objects, and file system structure)

• Experience with source code analyzers/bytecode scanners (Fortify, Ounce, Coverity, Klocwork, PREfix/PREfast, FindBugs, FxCop) and the ability to evaluate their results will be an added advantage

• RDBMS experience, e.g. Oracle or MS SQL Server, will be an added advantage

• Having any industry-accepted certifications (from ISACA, ISC2, GIAC etc.) will be an added advantage

• Excellent Written & Verbal



Application Security/ Penetration Testing

Cross Site Scripting/SQL injection attacks/buffer


– 4-6yrs

– Pune


– Sneha Harnandka