Similar Jobs

Application Security Tester (VA/PT) plays a key role in enhancing application security through proactive assessment, monitoring and collaboration. Primary responsibilities include executing vulnerability assessments, conducting penetration testing and supporting threat analysis within the SDLC. This role assists in developing secure coding practices and ensuring adherence to security standards such as ISO 27001 and OWASP.

Key Responsibilities:

1. Perform vulnerability scans and penetration tests on applications and systems.
2. Assist in developing threat models for critical applications and identifying potential attack vectors.
3. Analyze security incidents and support incident response efforts.
4. Review code for security flaws and provide guidance on secure coding practices.
5. Support secure SDLC implementation, including code reviews.
6. Monitor and track application vulnerabilities, providing regular reports to senior security teams.
7. Assist in managing security tools and automation for improved efficiency.
8. Stay up-to-date on emerging threats and security trends.
9. Participate in security awareness initiatives and training.
10. Integrate security measures into the DevSecOps pipeline to ensure continuous security.
11. Understand and apply industry standards and frameworks (e.g., ISO 27001, OWASP Top 10).
12. Basic knowledge of security compliance requirements (GDPR, PCI DSS).

Requirements:

• Candidates holding certifications such as CEH, CompTIA Security+, CPTE will have an added advantage when applying for the Junior Application Security Analyst position.
• Bachelor's or Master's degree in Computer Science, Information Security or a related field.
• 2-3 years of experience in application security roles, focusing on threat analysis, vulnerability assessment and secure development.
• Proficiency in application security tools for static and dynamic analysis, vulnerability scanning and penetration testing.

Technical Skills:

1. Knowledge of penetration testing and vulnerability assessment tools like Burp Suite, Metasploit, and OWASP ZAP.
2. Familiarity with web application technologies (e.g., JavaScript, Java, .NET).
3. Understanding of web security vulnerabilities (e.g., XSS, SQL Injection, CSRF).
4. Experience with vulnerability management, threat detection and analysis platforms tools like Nessus, Qualys, Kali Linux.
5. Basic knowledge of secure coding standards and practices.

Non-Technical Skills:

• Strong problem-solving and analytical abilities.
• Excellent written and verbal communication skills.
• Ability to work collaboratively in cross-functional teams.
• Detail-oriented with a strong focus on security and risk mitigation.

Skills:

Metasploite, XSS.Net, Javascript, OWASP, Burp Suite,