VAPT - VULNERABILITY ASSESSMENT AND PENETRATION TESTING (L2)
Application Security Code Review - SAC (L2), QualysGuard (L2) Tenable (L2)
Certification :- LPT – Licensed Pen Tester from EC-Council.
OSCP – Offensive Security Certified Professional Certification.
This role will assess and identify application security threats and risks. The job includes technical security assessments of applications and its infrastructure, application design reviews as well as application security risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
This role will be responsible for applying cyber security knowledge and threat intelligence to focus the application security / penetration testing on below applications
· Web applications
· Web services
· Mobile applications
· IOT applications
· Thick / Thin client applications
· Standalone applications
Key Responsibilities:
Perform security reviews of application designs, source code and its deployment.
Perform security penetration testing of applications.
Perform proactive research to identify and understand new threats, vulnerabilities, and exploits of Web, Mobile and IOT based applications.
Develop clear and concise security tests reports and its executive summaries.
Maintain working knowledge of advanced threat actor tactics, techniques and procedures, and emulate these to assess vulnerability and risk.
Continuous improvements to existing methodology material and supporting assets of application security testing tools, processes and procedures.
Job Requirements:
A Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience.
5+ years of working experience in IT Security, preferably with exposure to application security testing that includes source code review and application security tests.
Experience in drafting and documenting Penetration Testing Methodologies for all kinds of applications.
Experience in Penetration testing, including web application testing and ideally mobile application and web application security testing.
Experience with various security tools and products (Fortify, AppScan, etc…).
Experience with scripting languages such as python, ruby, POSIX shell
Good understanding of the components of a secure DLC/SDLC.
Strong time management skills, self-directed, with the ability to meet verbal and written deadlines.
Good English communication skills and able to collaborate with techno-functional stakeholders.
VAPT - VULNERABILITY ASSESSMENT AND PENETRATION TESTING (L2)
Application Security Code Review - SAC (L2), QualysGuard (L2) Tenable (L2)
Certification :- LPT – Licensed Pen Tester from EC-Council.
OSCP – Offensive Security Certified Professional Certification.
This role will assess and identify application security threats and risks. The job includes technical security assessments of applications and its infrastructure, application design reviews as well as application security risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.
This role will be responsible for applying cyber security knowledge and threat intelligence to focus the application security / penetration testing on below applications
· Web applications
· Web services
· Mobile applications
· IOT applications
· Thick / Thin client applications
· Standalone applications
Key Responsibilities:
Perform security reviews of application designs, source code and its deployment.
Perform security penetration testing of applications.
Perform proactive research to identify and understand new threats, vulnerabilities, and exploits of Web, Mobile and IOT based applications.
Develop clear and concise security tests reports and its executive summaries.
Maintain working knowledge of advanced threat actor tactics, techniques and procedures, and emulate these to assess vulnerability and risk.
Continuous improvements to existing methodology material and supporting assets of application security testing tools, processes and procedures.
Job Requirements:
A Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience.
5+ years of working experience in IT Security, preferably with exposure to application security testing that includes source code review and application security tests.
Experience in drafting and documenting Penetration Testing Methodologies for all kinds of applications.
Experience in Penetration testing, including web application testing and ideally mobile application and web application security testing.
Experience with various security tools and products (Fortify, AppScan, etc…).
Experience with scripting languages such as python, ruby, POSIX shell
Good understanding of the components of a secure DLC/SDLC.
Strong time management skills, self-directed, with the ability to meet verbal and written deadlines.
Good English communication skills and able to collaborate with techno-functional stakeholders.
Wipro is a global provider of consulting, IT Services, and outsourced R&D, infrastructure outsourcing and business process services. We deliver technology-driven business solutions that meet the strategic objectives of Global 2000 customers. With over 25 years in the Information Technology business, Wipro is the largest outsourced R & D Services provider and one of the pioneers in the remote delivery of services. We deliver unmatched business value to customers through a combination of process excellence, quality frameworks and service delivery innovation. Wipro is the World's first PCMM, CMM and CMMi Level 5 certified software Services Company and the first outside USA to receive the IEEE Software Process Award. We are the first services company to embrace Six Sigma, lean manufacturing and factory model concepts to software engineering. We have a wide geographical diversity of operations with over 40 development centers and 10 near shore centers spread across India, Japan, China, Middle East, Eastern Europe, France, Austria, Sweden, Germany, UK and USA. Wipro Arabia Limited (WAL) is a Joint Venture between Wipro Limited and Dar Al Riyadh, a well diversified group in Saudi Arabia having business interests in Engineering Services, Industrial Products, Systems & Integration and Information Technology. Providing integrated solutions spanning the entire IT lifecycle, we converge technology to business to help customers achieve their strategic business objectives. The breadth and depth of our offerings make us the ideal choice for Strategic Engagement relationships where we manage all IT needs of an enterprise on a holistic approach. Backed by over two decades of Wipro’s global experience, best-of-breed technologies, robust process and quality frameworks and strong partnerships with product leaders, we deliver superior performance at optimum costs. Innovation is a key to our success and we are committed to creating sustainable customer value for the long term. We have constantly innovated and launched new service lines which allow our customers across verticals to leverage their IT investments for improved business growth and operational efficiency. IT is a key driver of innovation and growth in KSA and Wipro will bring together a unique blend of agility, technology expertise in applications & infrastructure and excellence in people & processes. Wipro through its industry leading global delivery model, high quality processes, and deep technological skills assists High-tech clients by providing Cost Optimized solution, Enhancing of Revenue & Customer Equity and Stimulating innovation while reducing the time-to-market delivery. Wipro’s global service delivery model ensures a service of the highest quality with Six Sigma consistency that translates into improved efficiencies and quicker return on investments.