IBM jobs - App sec VAPT Engineer

Responsibilities:

• Perform web applications, thick client applications, mobile applications, API and network penetration testing.
• Communicating your findings to both Business and Developers
• Work with implementation partner to see project on track
• Provide required reports to management and client
• Handle the project as well as BAU operations
• Ensure high level of systems security compliance
• Involved in performing manual and automated penetration testing.
• Coordinate with and act as domain expert to resolve incidents by working with other information security specialists to correlate threat assessment data
• Analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
• Involved in vulnerability scanning and assessment for various projects.
• Involved in setting up the process for vulnerability management.
• Experience in scheduling scans and processing the vulnerability reports

• 4+ years of experience in application security
• Experience in Vulnerability Assessment and Penetration testing of web applications, thick client applications, mobile applications, API and network.
• Understanding of web-based application (OWASP Top 10) vulnerabilities.
• Understanding of TCP/IP network protocols.
• Working knowledge of industry standard risk, governance and security standard methodologies
• Expertise on skills like NIPS, WAF, SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Security
• Proven ability of incident response processes (detection, triage, incident analysis, remediation and reporting)
• Proven attention to detail and organizational skills and ability to coordinate input and develop relevant metrics
• Competent with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc.
• Ability to multitask and work independently with minimal direction and maximum accountability

• One or more security certifications: OWASP,CEH, Security+, GSEC, GCIH, etc
• You love collaborative environments that use agile methodologies to encourage creative design thinking and find innovative ways to develop with cutting edge technologies
• Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
• Intuitive individual with an ability to manage change and proven time management
• Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
• Up-to-date technical knowledge by attending educational workshops, reviewing publications