About the Role
Requirements
Mandatory Requirements:
Resource must have a minimum of five (5) years of Application Development and/or Web Application Security experience testing and mitigating risks related to web application and website development.
Experience with web protocols including HTTP, HTTPS, and SOAP
Experience in static and dynamic application security testing using SAST/DAST tools and manual techniques.
Experience with cybersecurity standards such as CIS Open Web Application Security Project (OWASP) Application Security Testing and NIST 800-95 Standards
Experience with secure communication, authentication and encryption protocols such as SAML, OAuth2, LDAP and TLS/SSL Standards
Details (Indicate specific technologies and alignment to experience detailed in resume)
Recommending and testing security controls within applications using both automated and manual techniques.
Performing web application vulnerability assessments and penetration testing.
Performing Cloud security testing and configuration validation across major cloud platforms including Azure, Oracle Cloud Infrastructure and AWS.
Conducting security testing for mobile operating systems and applications.
Performing security testing on web services and Application Programming Interfaces (APIs).
Conducting code reviews and supporting secure code repositories.
Testing and validating configurations of web applications behind Web Application Firewalls (WAF).
Promoting visibility into applications with security tools such as SIEM.
Performing Cyber Incident monitoring and security incident response.
Performing Threat Risk Assessments.
5+ years of Application Development and/or Web Application Security experience testing and mitigating risks related to web application and website development in private and/or public sectors.
Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), CEH, GIAC GWEB and/or Cloud certifications such as Azure Microsoft Certified Azure Developer Associate would be considered beneficial.
About the Company