Web Application Security Signatures Engineer

Pune, India

Qualys

Discover how Qualys helps your business measure & eliminate cyber threats through a host of cybersecurity detection & remediation tools. Try it today!

View all jobs at Qualys

Apply now Apply later

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Responsibilities 
In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest web application technologies. You will also be expected to fine-tune existing logic and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product. Efficient problem-solving and troubleshooting skills are necessary, as well as using the latest tools in the industry.

Required Skills: 
 
* 3-5 years of industry experience in web application security 

* Create exploits, proof-of-concept for web application vulnerabilities 

* Strong JavaScript programming skills 

 * Knowledge of HTTP protocol (Requests, responses, Cookies, etc.)  

* Understanding of web application vulnerabilities, OWASP top 10 in Web Applications, API, and LLMs 

* Exposure to DAST/BlackBox tools 

* Web application security scanning tools like BURP/ZAP, SQLMap, CURL 

* Experience with network analysis tools and analysis of packet captures. 

* Proficient with regular expressions. 

* System administrator experience on Windows or Unix platforms.   

* Strong analytical and problem-solving skills 

* Passion for web security and attention to detail

* Experience with scripting languages, including Python and Bash   

* Exposure to JAVA programming   

* Experience with selenium, postman scripting 

* Experience with Metasploit/Nessus exploits (especially HTTP-related ) 

* Experience with web application firewalls (WAF) rules, ModSecurity 

* Exposure to WEB 2.0, XML/XPath, JSON, Swagger  

* Database/SQL knowledge 

* Experienced in the use of various scanners and open-source security tools. 

* Experience in developing security-related tools/programs. 

* Ability to work independently 

* Published research  

* Security certifications 

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: APIs Application security Bash DAST Exploits Firewalls Java JavaScript JSON LLMs Metasploit Nessus OWASP PostMan Python Qualys Scripting Selenium SQL UNIX Vulnerabilities Windows XML

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.