About QualiZeal
QualiZeal is founded on the principles of Delivery Excellence, Service Orientation, and Customer Delight. In today’s hybrid work environment, it has become imperative to build leaders across the layers of the organization. Individual contributors with a focus on self-management and business alignment are key to the success of the organization. Keeping the clients at the center of everything we do is a paramount philosophy of our company. Our endeavor is to surpass customer expectations by going the extra mile in all our project interactions.
We are guided by values of empathy and sincerity. Our employees are provided opportunities for training and self-growth. We are building an academy where the team’s technical competencies are nurtured to meet the growing expectations from our customers.
Our vision is to be amongst the most respected and valued testing and quality engineering companies in the world. All our actions are guided by this common mission.
Description
The Security Test Engineer / Analyst is responsible for integrating dynamic application security testing (DAST) into the Dev environment and for planning, creating, and executing DAST assessments. The role guides and trains developers and strengthens internal tech knowledge on application security. The candidate should be able to integrate DAST into the CI/CD pipeline. The ideal candidate will be able to set up a new security process in the customer’s organization and ensure customer satisfaction.
Requirements
- Should have hands-on experience in testing web applications, thick-client applications, APIs, databases, and infrastructure (networks)
- Executing automated and manual security testing assessments using prominent, well-known tools available in the market
- Eliminating false positives from the scan results.
- Should have experience in threat modeling and calculating the risk posture of the application
- Contribute towards the product-security-by-design concept and help in developing a holistic strategy towards product security by adopting well-known industry standards
- Carry out different Security testing activities based on the scope and in line with various compliance requirements
- Conduct Penetration Testing with attack simulations on the identified vulnerabilities
- Transfer tech knowledge (internally). Create utilities for internal use. Provide support to the development team to understand identified vulnerabilities and provide remediation suggestions
- Provide a broad picture of the vulnerabilities affecting the applications, determine the severities of the vulnerabilities identified, and prioritize fixes at the application level
- Developing familiarity with the newest tools and best practices
Desired attributes
- 3 to 5 years of relevant hands-on experience in security testing spanning applications, networks, infrastructure, and APIs
- Should have experience in Dynamic application security testing, penetration testing, mobile app security testing, and IoT security
- Should be able to integrate DAST into CI/CD pipeline
- Experience in cloud security will be an added advantage
- Should be certified in any of: CEH, OSCP, or GIAC
- Presentation skills: able to create presentations, with training skills
- Excellent team / autonomous work capabilities
- Excellent human skills