Expert Application Security & Pen Tester

Grade Level: L2

Location: Islamabad

Last Date to Apply: 30 September 2024

What is Expert Application Security & Pen Tester?

Expert Application Security & Pen Tester is responsible to evaluate and plan mitigations of information security related risk to Jazz Applications, APIs and Portals and design and test cyber security controls to address those risks. Main responsibility of this role is to safeguard software applications for potential threats & vulnerabilities by analyzing and effectively testing implementation of different application security controls to protect organization’s digital footprint from cyber threats.

The role reports directly to the Stream Head Cyber Security with an extended team of 11 team members.

What does Expert Cyber Security & Pen Tester do?

• Design, develop and maintain a robust application security framework for Jazz digital footprint
• Identify loopholes in the custom developed/security systems of built servers, web portals/dashboards, user applications of Jazz.
• Perform security testing of all Jazz services before going live.
• Perform periodic security verifications of Jazz services
• Ensures the security/data protection for applications vulnerable to internal/external attackers.
• Detects bugs/errors embedded in the source code of android/iOS/other language based apps.
• Analyse the communication path/matrix of applications to track host servers and IP addresses accordingly.
• Performs relevant preventive measures to protect leakage of confidential/sensitive information.
• Coordinate and manage internal stakeholder expectations with the right balance of security controls.

Jazz is an equal opportunity employer. We celebrate, support, and thrive on diversity and are committed to creating an inclusive environment for all employees.

Requirements

Education and Experience:

• BS/MS in information security/Information Technology
• Practical experience of application security in banking / Telco sector
• At least 04 years of experience in security design and penetration testing of mobile applications & APIs

Functional:

• Ability to organize, plan and document tasks
• Ability to manage internal & external stakeholders
• Possess good logical and analytical skills to help in analysis of Cyber Security risks

Technical:

• In depth knowledge of the SDLC processes;
• In depth knowledge of multiple commonly used programming languages used for Mobile and Web based application programming and APIs;
• Knowledge/understanding of industry best practice secure software development frameworks (e.g. OWASP);
• In depth knowledge of Application, Network and System security controls
• In depth knowledge of API security controls and vulnerabilities
• Hands on experience of use of Penetration testing tools and code review
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
• Skill in conducting trend analysis and reporting.

Benefits

Why Join Jazz?

As one of the leading employers in the country, Jazz epitomizes the philosophy that each Jazz employee is passionately living a better every day inspired and enabled by visionary leadership, a unique professional culture, a flourishing lifestyle, and continuous learning and development.

Our core values include qualities essential for a positive organizational culture - truthfully guiding entrepreneurial and innovative mindsets, harnessing professional and interpersonal collaboration, and fostering across-the-board customer-obsession.

As one of the largest private sector organizations in Pakistan, our objective is to continue to change the lives of our 70 million customers for the better. This is an opportunity for someone who wants to be part of something transformative, someone who can play a critical role in driving our success. Together, we can empower millions more with the tools necessary to progress in an increasingly digital economy.