Web Application Security Signatures Engineer
Pune, India
Qualys
Discover how Qualys helps your business measure & eliminate cyber threats through a host of cybersecurity detection & remediation tools. Try it today!Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Responsibilities
In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest web application technologies. You will also be expected to fine-tune existing logic and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product. Efficient problem-solving and troubleshooting skills are necessary, as well as using the latest tools in the industry.
Required Skills:
* 3-5 years of industry experience in web application security
* Create exploits, proof-of-concept for web application vulnerabilities
* Strong JavaScript programming skills
* Knowledge of HTTP protocol (Requests, responses, Cookies, etc.)
* Understanding of web application vulnerabilities, OWASP top 10 in Web Applications, API, and LLMs
* Exposure to DAST/BlackBox tools
* Web application security scanning tools like BURP/ZAP, SQLMap, CURL
* Experience with network analysis tools and analysis of packet captures.
* Proficient with regular expressions.
* System administrator experience on Windows or Unix platforms.
* Strong analytical and problem-solving skills
* Passion for web security and attention to detail
* Experience with scripting languages, including Python and Bash
* Exposure to JAVA programming
* Experience with selenium, postman scripting
* Experience with Metasploit/Nessus exploits (especially HTTP-related )
* Experience with web application firewalls (WAF) rules, ModSecurity
* Exposure to WEB 2.0, XML/XPath, JSON, Swagger
* Database/SQL knowledge
* Experienced in the use of various scanners and open-source security tools.
* Experience in developing security-related tools/programs.
* Ability to work independently
* Published research
* Security certifications
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Bash DAST Exploits Firewalls Java JavaScript JSON LLMs Metasploit Nessus OWASP PostMan Python Qualys Scripting Selenium SQL UNIX Vulnerabilities Windows XML
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.