isecjobs.com

Associate Staff Engineer - Penetration Testing

Remote, Sri Lanka

Full Time Mid-level / Intermediate USD 20K - 47K *
Nagarro logo

Nagarro

A digital product engineering leader, Nagarro drives technology-led business breakthroughs for industry leaders and challengers through agility and innovation.

View all jobs at Nagarro

Apply now Apply later

Company Description

We are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at scale — across all devices and digital mediums, and our people exist everywhere in the world (15000+ experts across 26 countries, to be exact). Our work culture is dynamic and non-hierarchical. We are looking for great new colleagues. That is where you come in!

Job Description

Must have Skills : Security Assessment, Penetration Testing, Vulnerability Scanning, Security Testing,

Job Description : Looking for a security professional who is good at performing security testing of Applications, & Cloud Environments and articulate the findings in an easily consumable manner to the various internal stakeholders. Capability to think Out-of-the-Box and come up with attack vectors for the target components would be required for this role.

Experience and Qualifications: ·

  • Should have 3-6 year of experience in application security testing of web & mobile applications (android + iOS), API and infrastructure (cloud +network + server) ·
  • Through knowledge of the OWASP framework and testing guide. ·
  • Hands-on knowledge of Pen testing, red team exercise, and bug hunting. ·
  • Hands-on knowledge of DAST/SAST/IAST solutions. ·
  • Knowledge on scripting (e.g. in python, PowerShell, JavaScript) to write automation scripts & PoCs. ·
  • Knowledge on SSO and OAuth 2.0 flows would be required ·
  • Bachelor degree. - Preferably in the field of Computer Science/ Computer Application/ Information & Technology/ Electronic & Communication Engineering. ·
  • Security certifications i.e. OSCP, OSWE, CCSP are a plus. ·
  • Experience in bug bounty hunting with well-known bug bounty platforms /vulnerability disclosure programs are a plus.
  • Should be good at performing Security Testing of the following: - Web Application - API - Mobile applications (android + iOS) - Infrastructure (Server + network) - AWS, Azure and GCP environments ·
  • Pen Testing and Red team exercises against assigned target scope. ·
  • Write automation & PoC scripts from time to time. ·
  • Should be able to perform assessment to detect open-shares and non-compliant AD accounts ·
  • Pentest Identity Provider (IdP) integrated applications with SSO and OAuth. Should be well versed with the following tools: · Burp Suite · Postman ·
  • VirtualBox · Kali Linux · Metasploit · Android Studio (AVD) ·
  • Scripting · Tenable · AWS, Azure and GCP ·
  • DAST and SAST solutions
Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  13  3  0
Categories: Leadership Jobs PenTesting Jobs Security Engineering Jobs

Tags: Android APIs Application security Automation AWS Azure Burp Suite CCSP Cloud Computer Science DAST GCP IAST iOS JavaScript Kali Linux Metasploit OSCP OSWE OWASP Pentesting POCs PostMan PowerShell Python Red team SAST Scripting Security assessment SSO VirtualBox

Regions: Remote/Anywhere Asia/Pacific
Country: Sri Lanka

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Security Operations Engineer jobsPenetration Tester jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsInformation System Security Officer (ISSO) jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobsSenior Information Security Engineer jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsTerraform jobsFinance jobsDoDD 8570 jobsBash jobsITIL jobsOWASP jobsUNIX jobsCRISC jobsGIAC jobsDocker jobsIntrusion detection jobsCompTIA jobs
TCP/IP jobsThreat detection jobsBanking jobsActive Directory jobsData Analytics jobsSANS jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsVPN jobsCyber defense jobsAnsible jobsSOC 2 jobsIT infrastructure jobsJavaScript jobsSOAR jobsDNS jobsSOX jobsJira jobsGCIH jobsSecurity strategy jobsNIST 800-53 jobsOracle jobsCryptography jobs