Job Seekers, Please send resumes to resumes@hireitpeople.com Must Have Skills: DAST SAST Certified in security Minimum of 4 - 5 years hands-on experience in Application Security assessment DAST and SAST. GWAPT or CISSP certification. Nice to have skills: Certifications Mobile security testing Required Skills for Application Security: Experience as a Security Engineer specifically for Applications /Understanding of SSDLC Framework. Strong background with application security assessments. Experience in application security assessments (white box, black box and code review). Hands on experience with application Security tools like IBM AppScan, Fortify, Web Inspect, BurpSuite etc. Experience in integrating application security processes in CI/CD pipelines Knowledge of Application security processes and standards including OWASP, CVSS rating, factors impacting risk rating etc Experience creating documents and reports Excellent communication and collaboration skills Some system administration and scripting experience with at least SQL databases (PL/SQL Scripting and Oracle Database Tools are a plus Detailed Job Description: Performs application security assessments and guide remediation activities as part of the application security Guides and performs security assessment activities including vulnerability testing and analysis (both tool based and manual), code review, static and dynamic code testing, ethical hacking and business logic exploit testing. Integration of Application security activities in CI/CD pipeline Ensures teams are validating for OWASP and performing industry leading application security practices Creates application assessment process documents, like requirements document, reports on application assessment findings etc Collaborate with stakeholders to explain the findings and proposed remediation Provide dashboard reports on status of project.4 years of experience with Security Best Practices, cyber security, implementing enterprise grade security solutionsTool Management Manage Operate the existing tools like Fortify, WebInpsect, SonaType, Secure Code Warrior etc. in order to manage the security policy Experience in tools such as Burp Suite, fiddler for penetration testing and OWASP ZAP, WebInpsect for DAST Dynamic Application Security Testing and tools like Fortify for SAST Static Application Security Testing, SonaType for SCA, along

Minimum years of experience: 5+