Security Test Engineer : Vulnerability Assessment/Penetration Testing

  • Posted on : December 17, 2021

We are hiring strong Security Test Engineers with 3 to 5 years’ experience. As a security test engineer, you will be contributing to the enhanced security posture of applications we develop by testing through various techniques to confirm whether known and unknown weaknesses exist in them. It is your responsibility to understand the context in which these applications are used and use your knowledge to compose attack vectors that challenge the confidentiality, integrity, and availability of such applications.

Job description

Role :
We are hiring strong Security Test Engineers with 3 to 5 years' experience. As a security test engineer, you will be contributing to the enhanced security posture of applications we develop by testing through various techniques to confirm whether known and unknown weaknesses exist in them. It is your responsibility to understand the context in which these applications are used and use your knowledge to compose attack vectors that challenge the confidentiality, integrity, and availability of such applications.
Responsibilities :
  • Perform continuous penetration testing and code reviews.
  • Plan and create penetration methods, scripts, and tests.
  • Work with the software development, IT operations, and Information Security Teams to ensure applications are not only secure by design, but also throughout execution and evolution, with a focus on company goals, strategy, process interdependencies, etc.
  • Ensures the security of the code for software products developed for our customers follows best practices and internal guidelines.
  • Continuous review and understanding of new industry security threats and associated technologies.
  • Maintain knowledge of OWASP TOP 10 Web Application Security Risks, MITRE ATT&CK, and other relevant application security standards and best practices.
  • Stay up to date on evolving tactics, techniques, and procedures utilized by malicious actors and understand attack kill chain phases such as initial access, code execution, privilege escalation, lateral movement, and data exfiltration.
  • Deliver technical documented reports on test findings.
  • Knowledge of CVSS v3.0 rating and can accurately assess vulnerabilities based on the principal characteristics of a vulnerability

Preferred skills

  • Experience with various testing tools Burp suite, OWASP ZAP, Kali Linux, Wireshark.
  • Experience testing web-based APIs (i.e. REST, SOAP, XML, JSON)
  • Proficiency in one or multiple programming languages such as C/C++/C#, Python, Java, Swift, JavaScript.
  • Experience in working with development and test teams to perform penetration tests, manual and automated vulnerability assessment scans, risk and threat analysis, code reviews, and assist with remediation
  •  Proficiency in Identifying and reporting vulnerabilities in applications and their supporting infrastructure, and research threat and attack vectors that impact applications.
Qualifications :

Bachelor’s Degree or equivalent from a reputed university.

Location :

Thiruvananthapuram/WFH

Contact email :
careers@travanleo.com