Advanced Search
Enter skills or designation keywords
Enter valid location
Job DescriptionLast Date 03 Nov 18

As an Information Security Analyst, candidate has to focus on identifying and assessing vulnerabilities in software systems, Networks and mobile based application.

• The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.

• The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.

• To activily contribute to the Vulnerability management efforts of the organization via developer query resolution on vulnerabilities and defect tracking to closure.

• Well versed with OWASP – Top Ten and WASC Threat Classifications

• Expertise in Vulnerability Assessment and Penetration Testing of Web Applications

• Business‐Logic based application testing • Penetration testing of Mobile applications and websites.

• Exploitation of the issues found and presenting the impact occurred

• Source Code Reviews - Well versed in Java Secure Code Review

• Expertise in Automated Scanning using CheckMarx and Fortify

• Well versed with OWASP Code Review concepts & identifiers

• Familiar with popular tools: o Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark o Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider o Exploit Toolkits: Metasploit, Exploit DB etc

Additional Skills :

Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them

• Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities

• Good to have programming experience in Java, shell scripting, Perl, or Python

• Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.

Skills : Application Security Testing/Penetration Testing

Industry
IT- Network Admin. / Security

Job Type

Interview Type

Face to Face Interview, Telephonic Interview

Functional Area
IT Software - Network Administration / Security
Company Description

The Clavigerous Systems mobile application security scheme is designed to suit the best of client’s needs. The assessment procedure tests the local app as well as the third party and enterprise web services that handle the backend. The app is tested statically as well as dynamically. Automated testing is accompanied with manual review. Clavigerous Systems looks at the app on the whole and not just the bunch of code placed on your server or the application running on the device, thus ensuring complete information about vulnerabilities and complete security against the attacks and attackers.