Security Test Engineer

Company Overview

(Company details not provided)

Job Summary

The Security Test Engineer will be responsible for ensuring the security and integrity of applications by performing automated and manual testing. This role is crucial in identifying vulnerabilities in both web and mobile applications, contributing to the organization’s overall cybersecurity strategy.

Responsibilities

• Perform automated testing of running applications and static code (SAST, DAST).
• Conduct manual application penetration tests on various platforms, including web applications, APIs, internal and external networks, and mobile applications.
• Utilize application security tools such as AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux for testing.
• Analyze and explain vulnerabilities including IDOR, Second Order SQL Injection, and CSRF, as well as their root causes and remediation strategies.
• Engage with technical and non-technical audiences to report findings and lead remediation efforts.
• Identify and integrate new tools/technologies to enhance testing capabilities and address client needs.

Qualifications

• Education: Bachelor's degree in Computer Science, Information Security, or a related field preferred.
• Minimum three (3) years of recent experience with application security testing tools.
• At least three (3) years of experience performing manual penetration testing and code reviews on web and mobile applications.
• Excellent communication skills for reporting and leading discussions with diverse audiences.
• Familiarity with application architecture and business logic analysis is beneficial.
• Preferred one (1) year of experience in web application and/or API development.
• Ethical hacking certifications such as GWAPT, CREST, OSCP, OSWE, or OSWA are preferred but not mandatory.

Preferred Skills

• Experience in mobile application testing.
• Knowledge of web application penetration testing methodologies.

Experience

• Minimum three (3) years of relevant experience in performing security tests and penetration testing.

Environment

(Work setting details not provided)

Salary

(Salary details not provided)

Growth Opportunities

(Growth opportunities details not provided)

Benefits

(Benefit details not provided)