Application Security Tester (Information Security Analyst)

Job Description
Position: Information Security Analyst (Application Security Tester)
Functional Reporting: Global Head of IT Security
 
Principle Responsibilities:

• The analyst will perform manual application security testing on web applications on premises and AWS cloud reporting issues through the internal platforms.
• Integrate and manage DAST and SAST scanning tools on CI/CD pipelines during the SDLC.
• Automate repetitive tests such as regression of previous vulnerabilities on reach release.
• Consume third party libraries vulnerability reports and perform proof of concepts.
• Develop proof of concepts exploits when required.
• Validate report results from various scanning tools.
• Recommend security controls for application teams.

Qualifications

• 3+ years working in the information security field.
• 2+ years working in the application security testing field.
• 2+ years working in finance area is an advantage.
• Programming knowledge capable of writing exploits and automation scripts. (Java or Python are preferred)
• Excellent knowledge of network and TCP/IPV4
• Practical knowledge testing and working with Websockets using programming.
• Practical and theoretical knoledge working with HTTP protocol, web servers and load balancers.
• Ability to test, explain and recommend solutions for all OWASP top 10 vulnerabilities.
• Practical knowledge on Cryptography.
• Web Application Firewalls from a security testing standpoint.
• Knowledge of AWS services including API consumption using programing is an advantage.
• GWAPT and GCPN Security Certifications an advantage.