Working knowledge of application security assessment and applicable review methodologies.
Job Description
- Perform manual and automated application vulnerability assessments and document vulnerabilities which were found and provide recommendations for remediation.
- Exhibit extensive knowledge and ability to perform industry standard web application penetration testing methods, including OWASP guides.
- Participate in the change management process ensuring that all releases are reviewed by security before being approved for production.
- Ability to analyze security issues (both white-box and black-box), determine its cause and impact to the business and identify the corrective action needed to eliminate and prevent the event for the future.
- Work with IT Security team members and the development teams to design mitigations for identified weaknesses.
- Contribute to and help to further develop application security frameworks and standards.
- Break the code to find and fix flaws that developers may have missed.
- Help the engineering teams fix security issues.
- Mentor the engineering team to write more secure code.
- Assist with other organization security projects and tasks as required.
- Monitor and evaluate security controls throughout the business.
- Drive the efforts to automate operational security.
Qualifications
- 3+ years of experience in a similar role in a relevant software or internet service industry.
- Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field.
- Experience in both vulnerability research and penetration testing.
- Passion for finding security deficiencies in applications or people/processes.
- Working knowledge of application security assessment and applicable review methodologies.
- Knowledge of application-level attacks and mitigation methods.
- Good knowledge of vulnerabilities and exploits.
- Managing and prioritizing multiple tasks in accordance with high level objectives.
- Knowledge of relevant business or compliance drivers that obviate the need for security tooling or processes.
- Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols and applied cryptography.
- Experience using Burp Suite to perform security assessments.
- Good knowledge of Internet systems and technologies such as SOAP/REST web services, .NET Framework, debuggers, Java Script, TCP/IP, OSI Model etc...
- Experience with scripting languages (Bash, PowerShell, etc.).
- Able to drive consensus amongst technically strong but differing groups.
- Profound love of breaking things in order to make them stronger.
- Open to work in international, multilingual environment.
- Proficient in English.
Additional Information
Give your career a boost! Join an outstanding team of talented individual working on a project that makes sense...
Terms: Full time position
Beginning: ASAP
Location: Mauritius
For more information about EcoVadis please visit our site: www.ecovadis.com