Security Engineer

Project Role : Security Engineer
Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills : Security Penetration Testing
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : be btech

Summary: As a Security Engineer, you will be responsible for applying security skills to design, build and protect enterprise systems, applications, data, assets, and people. Your typical day will involve conducting security penetration testing and providing services to safeguard information, infrastructures, applications, and business processes against cyber threats. Key Responsibilities: 1. Solid understanding of OWASP and SANS security testing methodology 2. Analyze and interpret security test results to provide recommendations for remediation. 3. Knowledge of Secure SDLC and Security standards like CWE, NIST, OSSTMM 4. Think critically about complex problems and situations. 5. Consider emerging web-based vulnerabilities and threats from within the context of organizational risk and business impact. 6. Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigations. 7. Develop and deliver walkthroughs, proof(s) of concept, articles, and formal presentations. 8. Execute verification and validation testing for mitigations and fixes. 9. Keep up-to-date with security trends and developments, and provide insights to the team Technical experience 1. Experience in performing penetration testing on enterprise networks, web applications, APIs and mobile applications. 2. Familiarity with common web vulnerabilities including XSS, XXE, SQL Injection, Deserialization Attacks, File Inclusion/Path Traversal Attacks, Server-side Request Forgery, Remote Execution Flaws, Server Configuration Flaws and Authentication Flaws. 3. Experience in testing web-based APIs (REST, SOAP, XML, JSON). Experience in designing and documenting pragmatic remediation guidance for discovered vulnerabilities. 4. Experience in performing Reverse Engineering for APIs and mobile applications. 5. Experience developing actionable intelligence based on open-source intelligence (OSINT) gathering. 6. Experience with 1 or more scripting languages such as Bash, Python, Perl, PowerShell. 7. Experience on both commercial and open-source tools such as Kali Linux, Metasploit, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP and others. Professional Attributes : 1. Strong analytical skill with a structured problem-solving approach 2. Must have good verbal and written communication skill and a good team player 3. Demonstrated creativity in complex problem solving and ability to work under pressure Additional Information: 1 The candidate should have a minimum of 3 years of experience in Security Penetration Testing. 2 The ideal candidate will possess a strong educational background in Computer Science, Information Technology, or a related field, along with a proven track record of delivering impactful security solutions. 3 Certified in one of the Industry recognized penetration testing skill (OSCP, LPT, Comptia Pen test+, GPEN, GXPN)