Application Security Testing Engineer

Nityo Infotech Corporation
Ranchocucamonga, CA
26 Feb 2025

Vacancy expired!

Position: Application Security Testing Engineer

Location: Rancho Cucamonga, CA 91730 (Onsite, 5days a week at office)

Duration: 12 Months Project

Job Description

Who are we looking for? Looking for application and security analyst with minimum of total 3+ years of experience in conducting application and security tests against variety of technologies including web application, cloud, mobile and infrastructure as part of a team. Should be able to serve as a trusted advisor in helping customers with relevant decisions based on the findings of the reports and dashboards.

Technical Skills:
  • Conduct application and security assessment and penetration tests against variety of technologies including web application, mobile, cloud, as part of a team
  • Client is focusing on compliance and risk aspect of applications for Azure, Office 365 and GRC
  • Such as conduct a security assessment against applications – using CSA type of questionnaire.
  • Implement security policies in Office 365 and Azure
  • Analyze vulnerability reports, segregate & prioritize the vulnerabilities, and do impact analysis, risk assessment, and identify false positives
  • Good foundation of common software vulnerabilities and their remediation/ mitigation techniques
  • Assist with determining and defining appropriate testing scope
  • Work collaboratively with a variety of internal stakeholders to deliver high quality penetrations tests
  • Provide reports which highlight and clearly articulate vulnerabilities and weakness to clients in terms they understand
  • Work within virtual teams of security and technical specialists to ensure quality delivery of leading security assurance services to our internal clients
  • Maintain a relevant skill with which to conduct penetration testing in the following domains:
  • Infrastructure
  • Application
  • Mobile (iOS, Android)
  • Code review
  • Work independently or as part of a team on penetration tests
  • Work with global team and external entities to deliver Security Assurance services
  • Analyze and review security issues identified
  • Supplement automated assessment techniques with manual security assessment approaches
  • Communicate security issues identified and mitigation/remediation options
  • Should be able to articulate technical concepts in plain words to non-technical community
  • Provide regular assessment progress updates that include sufficient detail to convey work completed and upcoming activities
  • Research new and emerging threats, counter controls, and technologies on various platforms
  • Pentesting skills and experience in application/infrastructure/mobile
  • Understanding of the security mechanisms associated with applications, Operating systems, Networks, Databases, Virtualization, and cloud technologies

Should be well versed with the following:
  • TLS transparency log analysis
  • Scheduled web application penetration testing
  • Application Manual & automated testing
  • External penetration testing
  • Multi-factor authentication (MFA) assessment
  • Vulnerability management program enhancements
  • Programming /scripting skills
  • Experience working with NIST, OWASP, MITRECWE, MITRE ATT&CK etc.
  • CREST/OSCP/SANS or equivalent pentesting certification
  • Tools experience in security assessment tools (e.g. NESSUS, NMAP, BurpSuite, ZAP, OWASP tools, Kali Linux tools)
  • Experience in Automating Security tests using scripting languages (e.g., Python, Perl, Ruby)
  • Good Written & Verbal Communication Skills
  • Presentation Skills
  • Define and assist in the creation of operational and executive security reports and dashboards
Thanks & RegardsAvinash Kumar Shukla
  • ID: #49358898
  • State: California Ranchocucamonga 75023 Ranchocucamonga USA
  • City: Ranchocucamonga
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2023-02-26
  • Deadline: 2023-04-25
  • Category: Security