Key Responsibilities:
Perform web application, API, and mobile application penetration testing using industry-leading methodologies (OWASP, PTES, etc.).
Conduct network penetration testing and infrastructure security assessments.
Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements, document findings, and recommend remediations.
Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.
Develop, enhance, and maintain security testing frameworks and tools.
Review and validate security patches, mitigations, and fixes.
Stay updated on the latest attack techniques, exploits, and threat landscapes to enhance testing methodologies.
Collaborate with cross-functional teams to support security awareness and risk reduction efforts.
Required Skills & Qualifications:
46 years of experience in Information Security, with a focus on application and network penetration testing.
Hands-on experience with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Nessus, and other manual testing tools.
Deep understanding of OWASP Top 10, SANS Top 25, and common exploitation techniques.
Experience in secure SDLC practices and working with development teams to resolve findings.
Strong knowledge of mobile application security (iOS and Android) and API testing methodologies.
Excellent report writing and communication skills for both technical and non-technical stakeholders.
Preferred Certifications (1 or more):
OSCP (Offensive Security Certified Professional)
OSWE (Offensive Security Web Expert)
eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)
PNPT (Practical Network Penetration Tester)
HTB CPTS (Certified Penetration Testing Specialist)
Information Security • Doha, Qatar