Location
Pune | India
Job description
Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Responsibilities In this position, you will primarily be researching, and developing, new signatures, fine-tuning existing signatures and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product. Outstanding problem-solving and troubleshooting skills are a must, as solutions to many problems might not be obvious. Required Skills:
- 3 years of industry experience in web application security
- Create exploits, proof-of-concept for web application vulnerabilities
- Research and publish new vulnerabilities
- Strong JavaScript programming skills
- Knowledge of protocol (Requests, responses, Cookies, etc.)
- Understanding of web application vulnerabilities, OWASP top 10
- Exposure to DAST/BlackBox tools
- Web application security scanning tools like BURP/ZAP, SQLMap, CURL
- Experience with network analysis tools, and analysis of packet captures.
- Proficient with regular expressions.
- System administrator experience on Windows or Unix platforms.
- Strong analytical and problem-solving skills
- Strong attention to details
- Passion for web security
- Team player
- Ability to work independently and self-learnerGood to have
- Experience with scripting languages, including Python and Bash
- Understanding of JAVA programming
- Experience with selenium, postman scripting
- Experience with Metasploit/Nessus exploits (especially
- Experience with web application firewalls (WAF) rules, ModSecurity
- Exposure to WEB 2.0, XML/XPath, JSON, Swagger
- Database/SQL knowledge
- Experienced in the use of various scanners and open-source security tools.
- Experience in developing security-related tools/programs.
- NMAP, experience/knowledge of NASL or NSE scripts, Certifications like CEH or OSCP
Job tags
Salary
