QA Engineer, Security Tester
Job Location – Hyderabad, Bengaluru, Remote | Position – Full-Time
The ideal candidate will be working on a variety of products based on different business domains for the AWS and Salesforce capability.
Skills (Must Haves):
5 + years of experience in Security Testing.
- Any security Testing certification [Preferably AWS Injector]
- Expertise in vulnerability analysis (e.g., design flaws, data-flow analysis)
- Security Testing
- Web Application Security Testing
- Web Services Security Testing
- Vulnerability Assessment
- Vulnerability scanning and mitigation.
- Penetration Testing.
Nice to Have:
- API Security
- Understanding of Data Privacy protection and assessment skillsets
- Vulnerability analysis and application reversing skills along with understanding of GDPR regulations.
- Other security testing certifications.
- Being a Team player, good communication & interpersonal skills.
- Execute the development of a secure infrastructure and process improvement projects in several domains including: Security Incident Management, Vulnerability management, Intrusion Detection, and Incident Response.
- Lead, perform, and guide Penetration Testing on internal products.
- Work on Cloud Security.
- Participate in calls to understand the application security testing requirements.
- Prepare security test plan and test cases based on the requirements/scenarios identified.
- Perform automated security scans on the application using web vulnerability scanner and analyse the findings manually to identify false positives.
- Conduct a manual on security review to check for business logic flaws.
- Report all the identified security vulnerabilities in the defect tracking tool.
- Demonstrate security vulnerabilities found during testing to developers, help them in understanding the impact of the vulnerability.
- Provide high level recommendations for defect fixing.
- Follow up with developers for closure of open defects.
- Initiate and drive defect review calls with customer/development teams, highlight the risk associated with open security vulnerabilities.
- Help the Business team carry out the User Acceptance Testing.