CareerStation
TE

Application Security Tester - SAST/DAST

Teamware Solutions
Chennai4-8 LPA Posted 16 Jul 2025
FULL TIME
.NET
Javascript
Owasp Top 10
Java

Job Description

We are seeking a skilled and detail-oriented Application Security Tester with 4 to 5 years of experience in performing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). The ideal candidate will be responsible for identifying security vulnerabilities in applications and working closely with developers and DevOps teams to ensure secure coding practices and compliance with security standards.

Key Responsibilities:

  • Conduct SAST and DAST on web, mobile, and API-based applications using industry-standard tools
  • Analyze and interpret scan results, identify false positives, and provide remediation guidance
  • Collaborate with development teams to explain vulnerabilities and suggest secure coding solutions
  • Integrate security testing tools into CI/CD pipelines
  • Perform manual security testing where automated tools are not sufficient
  • Support threat modeling, risk assessments, and secure code reviews
  • Maintain documentation for test plans, results, and vulnerability reports
  • Track and verify the remediation of vulnerabilities over time
  • Stay current with emerging security threats, tools, and best practices
  • Ensure compliance with OWASP Top 10, SANS CWE 25, and other industry standards

Required Skills:

  • 4 to 5 years of hands-on experience in application security testing
  • Strong experience with SAST tools (e.g., Fortify, Checkmarx, SonarQube, Veracode)
  • Strong experience with DAST tools (e.g., Burp Suite, OWASP ZAP, AppScan, Netsparker)
  • Good understanding of secure coding practices in Java, .NET, JavaScript, or Python
  • Experience integrating security testing in DevSecOps pipelines (Jenkins, GitLab CI, Azure DevOps)
  • Familiarity with OWASP Top 10, CWE, NVD, CVSS, and common vulnerability classifications
  • Basic knowledge of network security, API testing, and authentication mechanisms (OAuth, JWT)

Preferred Qualifications:

  • Certifications such as OSCP, CEH, GWAPT, or CSSLP
  • Knowledge of cloud application security (Azure, AWS, GCP)
  • Experience with manual testing techniques such as input fuzzing, logic testing, and session manipulation
  • Familiarity with container security and infrastructure-as-code scanning tools

Soft Skills:

  • Strong analytical and problem-solving skills
  • Excellent communication skills (written and verbal)
  • Ability to work in a fast-paced, collaborative environment
  • Detail-oriented with a strong commitment to security best practices
  • Proactive approach to continuous learning and improvement

Required Skills

.NETJavascriptOwasp Top 10Java
Join WhatsApp Channel