Penetration testing, Java coding Professional

Job Responsibilities:

• Conduct manual exploitation penetration testing, identifying vulnerabilities across various application types.
• Perform DAST (Dynamic Application Security Testing) for Web, API, and Thick Client applications.
• Execute SAST (Static Application Security Testing), including secure code analysis and Software Composition Analysis (SCA).
• Apply strong Java coding skills to understand, analyze, and potentially exploit vulnerabilities, as well as assist with secure code development.
• Utilize security testing tools such as Fortify, BurpSuite Pro, Postman, and SOAP UI effectively in testing efforts.
• Work with Linux environments for security testing tasks.
• Engage in DevSecOps practices, integrating security into the CI/CD pipeline.
• Ensure adherence to security standards, particularly OWASP Top 10 scenarios, during all testing phases.
• Work within an onshore-offshore model, coordinating directly with customers.
• Facilitate effective stakeholder coordination to communicate findings and collaborate on remediation.

Required Skills:

• Strong hands-on experience in Java coding skills.
• Expertise in manual exploitation penetration testing.
• Experience with DAST (Web, API, Thick Client) and SAST (Secure code analysis, SCA).
• Hands-on knowledge/experience with Linux and DevSecOps.
• Proficiency with Security Testing Tools (Fortify, BurpSuite Pro, Postman, SOAP UI, etc.).
• Understanding of Security Standards, especially OWASP Top 10 scenarios.
• Security Testing Certifications such as CEH or BurpSuite certified.