Dfcs Technologies Private Limited
Location
Mumbai | India
Job description
Please find JD.
Job Summary: We are seeking a skilled and experienced Web Application Penetration Tester to join our cybersecurity team. The ideal candidate will have a strong background in ethical hacking, vulnerability assessment, and penetration testing methodologies, with a focus on web applications. You will be responsible for identifying security vulnerabilities, assessing risks, and providing actionable recommendations to enhance the security posture of our web applications. Responsibilities: 1. Conduct comprehensive penetration tests on web applications to identify security vulnerabilities, including but not limited to SQL injection, cross-site scripting (XSS), and authentication bypass. 2. Perform manual and automated security assessments, leveraging industry-standard tools and techniques. 3. Analyse and interpret security assessment results to prioritize vulnerabilities based on risk level and potential impact. 4. Collaborate with development teams to provide guidance on secure coding practices and remediation strategies. 5. Prepare detailed reports documenting findings, including proof-of-concept demonstrations and recommendations for mitigation. 6. Stay updated on the latest security trends, vulnerabilities, and exploitation techniques relevant to web applications. 7. Participate in red team exercises and security incident response activities as needed. Requirements: 1. bachelor's degree in computer science, Information Security, or related field (or equivalent work experience). 2. Minimum of 1 year of experience in web application penetration testing or related cybersecurity roles. 3. Proficiency in using industry-standard penetration testing tools such as Burp Suite, OWASP ZAP, Nmap, and Metasploit. 4. Strong understanding of web application architectures, protocols ( and common security controls. 5. Familiarity with web technologies and frameworks, such as JavaScript, PHP, ASP.NET, and Ruby on Rails. 6. Excellent analytical and problem-solving skills, with the ability to think creatively to exploit vulnerabilities. 7. Effective communication skills, including the ability to articulate technical concepts to both technical and non-technical stakeholders. 8. Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Web Application Penetration Tester (GWAPT) are a plus. Location: Mumbai ( Andheri) Job Type: Full-timeONLY FACE TO FACE INTERVIEW
Job tags
Salary
