- The candidate should be a hands-on experienced QA Engineer who can work independently with minimum supervision to accomplish assigned tasks on schedule.
- Successful candidates will have a strong testing background in both web based application and server side testing with a strong focus on security testing
- Must participate in design discussions and architect test solutions for effective testing of application
- Must help in security-test-plan creation
- Help the teams create test automation framework, review the automation scripts and find out innovative ways of achieving test efficiency through better tools and techniques
- Hands on with non-functional testing and API-testing as applicable
- To effectively communicate with cross functional teams and represent QA teams in technical discussions
- To review the test methodologies and help improve overall application quality
- To have hands on programming experience, preferably in Java
- Support projects within the SDLC and Agile environments with applications security testing penetration testing and vulnerability management functions.
- Perform Web / Mobile application security assessments and penetration testing on projects and/or releases; produce detailed risk reports with identified vulnerabilities and remediation recommendations.
- Monitor and proactively report on current threats and vulnerabilities to application security.
- Experience with OWASP testing Guide / Open Source Security Testing Methodology Manual
- Experience with vulnerability scanning tools (e.g., AppScan, Qualys, Nessus, Nexpose, Saint)
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
- Good Understanding of various web application architectures and web technologies (Java, MS .NET etc.)
- Experience deploying enterprise security testing solutions.
- Familiarity with Secure Development Lifecycle practices and Agile development.
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired.
- Networking, VPN, Firewall concepts -Familiarity with TCP/IP and related protocols (http..)
- BE / B.Tech in computer science/ Engineering or a related discipline.
- Strong problem solving skills and ability to troubleshoot application and environment issues.
- Ability to identify, debug and clearly articulate software defects.
- Must effectively communicate testing status to management.
- Hands on Experience in one of the programming language(C++/Java) and data structures.
- Hands on Experience in security testing and test architecture
- Working knowledge of Windows, UNIX or Linux.
- Good oral and written communication skills