Register Login

  • Expertini Resume Scoring: Our Semantic Matching Algorithm evaluates your CV/Résumé before you apply for this job role.
Get Resume Score
India Jobs Expertini

VAPT Pentester / Web Application Security Job Opening In Bengaluru – Now Hiring NETSACH GLOBAL

VAPT Pentester / Web Application Security

    India Jobs Expertini Expertini India Jobs Bengaluru Computer Occupations Vapt Pentester / Web Application Security

Job description

Greetings from Netsach - A Cyber Security Company.


We are looking for Web Application Security with 3 yrs of relevant experience and mandatory skills set are Web Application Security, Security Code review, API security, Underlying infrastructure security, Integration Security, Database Security, Secure Configuration Review.


Job Title: Web Application Security

Exp: 3+ - 5yrs

Job Location: Bangalore

Job Type: Full-time


Interested candidates please share your resume at and netsachglobal.com



Job Description

1.

Job Overview

The primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles/patterns/controls into all products and platforms.

Conduct security assessments, gap analysis, provide remediation to the relevant squads / stakeholders.

2.

Job Purpose

Primary/General Job Purpose:


  • Encourage Shift Left Mindset - Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle


  • Implement via Influence - Influence stakeholders such as Product Owners, Solution Architects, Developers, Testers, Engineers & others to include security patterns into features, epics and stories in order to build secure, innovative & superior digital products for customers and employees


  • Assessments Perform security assessment and perform gap analysis to provide appropriate remediations to the teams for implementing the fixes.


Key Skills Web Application Security, Security Code review, API security, Underlying infrastructure security, Integration Security, Database Security, Secure Configuration Review.


  • Tools and Technologies Burp Suite, Postman, Tenable Nessus, Checkmarx SAST, GitHub and good knowledge about monolithic and microservice architecture and pipeline driven security.


Experience with following Components:

3.

Technical Requirements

Application Security Assessment Skillset

  1. Web Application Security Owasp top 10 , CVSS etc
  2. Security Code Review manual code review in Git etc
  3. API Security Review Open shift, container review etc.
  4. Database Security Requirements to enhance security on Database
  5. Web Server Security Requirements to enhance security on the web server
  6. Configuration Review has performed different configuration reviews and should have found good misconfigurations in the system.
  7. Integration review How the application connects with different systems, performed security review on those integrations.
  8. Transport Layer Security How communication channels are secured and understanding of the Transport layer security mechanisms and controls.



Soft Skills:

  • Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective
  • Holistic thinking; must balance security and functionality using practical demonstrable examples.

    Must also contribute to and implement good architecture principles to lower technical debt
  • Assertive personality; should be able to hold her/his own in a project board or work group setting
  • Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner
  • Ability to work under pressure and meet tough/challenging deadlines
  • Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not
  • Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint
  • Has strong decision making, planning and time management skills.
  • Can work independently.
  • Has a positive and constructive attitude.



4.

Person Specifications

Specifications

Description of Knowledge / Skill etc.

Desirable or Essential


  1. Education
  • General
  • Professional

Bachelors degree in a computer-related field such as computer science, cyber/information security discipline, physics, mathematics or similar


  • General Information Security:OSCP, CEH, CISM/CISA or similar
  • General Cloud Security: CCSK /CCSP or similar
  • Specific Cloud Security: Azure Security or similar
  • Network Security: CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist


  1. Experiences

(Years & Type)

  • Industry
  • Regional
  • Functional

Must have minimum 3 years of experience in an information security function with good background in information technology, stakeholder management and people management


  1. Knowledge & Skills
  • Technical
  • Functional
  • Managerial

Expert at the Web application Security testing, in depth testing skillset and ability to bypass weak implementation for attacks, ability to bypass WAF for attack scenarios such as XSS, SQL Injection etc.


Good understanding of Microservice based architecture (Technical)



Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection/detection & API /Micro services Security


Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST/SAST tools and building Evil Stories (Technical)


The Analyst / Engineer should be able to understand how different systems work and what security controls are implemented in such integrations.


The Analyst / Engineer should be capable in understanding the hardening standards, creating one if not available, and perform the testing against the hardening standards.

The Analyst / Engineer should be capable of assessing security flaws in underlying infrastructure and the connected components.


The Analyst / Engineer should be capable of assessing the security flaws in the Transport Layer.


The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise


The Analyst / Engineer can understand and interpret potential issues found in source or compiled code


The Analyst / Engineer has automation skills/capability in the form of scripting or similar

The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures


Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and/or during agile ceremonies, via Evil Stories


Desirable

The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance


Desirable

The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams.

Desirable

The Analyst / Engineer can interpret and understand vulnerability assessment reports and calculate inherent and/or residual risks based on the assessment of such reports

Desirable

Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team.

Good negotiation skills will be desirable


Desirable

Must have good judgment skills to decide on an exception approval


Desirable

Ability to enforce improvements when necessary, using Influence rather than Policing measures


Desirable

Superior written and verbal communication skills to effectively communicate security threats and recommendations to technical or non-technical stakeholders

Desirable

Knowledge of application of Agile methodologies/principles such as Scrum or Kanban


Desirable

  1. Behavioral Competencies
  • Thinking Related
  • People Related
  • Self Related
  • Influencer/Security Evangelist for the Team/Squad
  • Positive & Constructive Attitude
  • Autonomous worker / Decision Maker
  • Good listener
  • Patient & Calm during stressful situations
  • High energy individual / Motivator
  • Win-Win Attitude
  • Hacker/Defense-In-Depth mindset
  • Analytical thinking
  • Team Player/Interpersonal Skills
  • Eye for detail
  • Persistent & Persuasive
  • Organized / Structured
  • Deadline oriented
  • Competent and committed
  • Peoples Person; understands stakeholder management
  • Empathetic
  • Passionate about architecting smart solutions
  • Innovator/Out of the box thinker
  • Collaborative Leadership style
  • Confident Presenter



Thank You

Emily Jha

Netsach - A Cyber Security Company

+91 8050023824

Required Skill Profession

Computer Occupations


  • Job Details

Related Jobs

NETSACH GLOBAL hiring Pentester /Mobile Application Security Job in Bengaluru, Karnataka, India
NETSACH GLOBAL
Bengaluru, Karnataka, India
Confidential hiring Pentester Professional Job in Bengaluru, Karnataka, India
Confidential
Bengaluru, Karnataka, India
NETSACH GLOBAL hiring Web Application Security Job in Chennai, Tamil Nadu, India
NETSACH GLOBAL
Chennai, Tamil Nadu, India
Tata Consultancy Services hiring Web Application Security Specialist Job in Hyderabad, Telangana, India
Tata Consultancy Services
Hyderabad, Telangana, India
AXA Group hiring Web Application Security Expert Job in Bengaluru, Karnataka, India
AXA Group
Bengaluru, Karnataka, India
Brainwork TechnoSolutions Pvt. Ltd hiring Security Engineer - VAPT Job in Delhi Division, Delhi, India
Brainwork TechnoSolutions Pvt. Ltd
Delhi Division, Delhi, India
IBM hiring Security Consultant - VAPT Job in Mumbai, , India
IBM
Mumbai, , India
IBM hiring Security Consultant - VAPT Job in Mumbai, , India
IBM
Mumbai, , India
IBM hiring Security Consultant - VAPT Job in Mumbai, , India
IBM
Mumbai, , India
Prime Infosoft hiring Security Consultant - VAPT Job in Bengaluru, Karnataka, India
Prime Infosoft
Bengaluru, Karnataka, India
TAC Security hiring TAC Security - Security Engineer - VAPT Job in Delhi Division, Delhi, India
TAC Security
Delhi Division, Delhi, India
TAC Security hiring Senior Security Engineer - VAPT Job in India
TAC Security
India
Digihelic Solutions Private Limited hiring Cyber Security Engineer - VAPT Job in Pune, Maharashtra, India
Digihelic Solutions Private Limited
Pune, Maharashtra, India
ACE hiring Cyber Security Engineer - VAPT Job in Hyderabad, Telangana, India
ACE
Hyderabad, Telangana, India
Vegapay hiring Vegapay - Security Engineer - VAPT Job in Bengaluru, Karnataka, India
Vegapay
Bengaluru, Karnataka, India
Black Box hiring VAPT Lead – Offensive Security Job in Mumbai, Maharashtra, India
Black Box
Mumbai, Maharashtra, India
Black Box hiring VAPT Lead – Offensive Security Job in India
Black Box
India
BlackBox hiring VAPT Lead – Offensive Security Job in , , India
BlackBox
, , India
Impeccable HR Consulting hiring Security Testing Lead - VAPT Job in Mumbai, Maharashtra, India
Impeccable HR Consulting
Mumbai, Maharashtra, India
TAC Security hiring TAC Security - Senior Security Engineer - VAPT Job in Delhi Division, Delhi, India
TAC Security
Delhi Division, Delhi, India
TAC Security hiring TAC Security - Senior Security Engineer - VAPT Job in Mumbai, Maharashtra, India
TAC Security
Mumbai, Maharashtra, India
GoldenHire Consultancy hiring Web Application Security Consultant (WebPT P1 ) Job in Pune, Maharashtra, India
GoldenHire Consultancy
Pune, Maharashtra, India
MK IT Solutions hiring Web Application Security Consultant (WebPT P1) Job in Bengaluru, Karnataka, India
MK IT Solutions
Bengaluru, Karnataka, India
WTW hiring Web Application Security Tester (SAST/DAST) Job in India
WTW
India
ITC Infotech hiring Web Application Security Engineer (Cloudflare WAF) Job in India
ITC Infotech
India
Vitasta Consulting Pvt Ltd hiring Application Security Job in Chennai, Tamil Nadu, India
Vitasta Consulting Pvt Ltd
Chennai, Tamil Nadu, India
Vitasta Consulting Pvt Ltd hiring Application Security Job in Bengaluru, Karnataka, India
Vitasta Consulting Pvt Ltd
Bengaluru, Karnataka, India
Softcell Technologies Global Private Ltd hiring Softcell - Senior Security Analyst - VAPT Job in Bengaluru, Karnataka, India
Softcell Technologies Global Private Ltd
Bengaluru, Karnataka, India
Almighty HRD Consultants hiring Senior Security Consultant -VAPT Specialist Job in Kozhikode, Kerala, India
Almighty HRD Consultants
Kozhikode, Kerala, India
Emerson (Emerson)(2252) hiring Emerson - Embedded Security Engineer - VAPT Job in Pune, Maharashtra, India
Emerson (Emerson)(2252)
Pune, Maharashtra, India
QUALYS SECURITY TECHSERVICES PRIVATE LIMITED hiring Qualys - Web Application Security Analyst - DAST Tools Job in Pune, Maharashtra, India
QUALYS SECURITY TECHSERVICES PRIVATE LIMITED
Pune, Maharashtra, India
ESB Technologies hiring Web Application Developer Job in Hyderabad, Telangana, India
ESB Technologies
Hyderabad, Telangana, India

Unlock Your VAPT Pentester Potential: Insight & Career Growth Guide


Real-time VAPT Pentester Jobs Trends (Graphical Representation)

Explore profound insights with Expertini's real-time, in-depth analysis, showcased through the graph here. Uncover the dynamic job market trends for VAPT Pentester in Bengaluru, India, highlighting market share and opportunities for professionals in VAPT Pentester roles.

912 Jobs in India
912
44 Jobs in Bengaluru
44
Download Vapt Pentester Jobs Trends in Bengaluru and India

Are You Looking for VAPT Pentester / Web Application Security Job?

Great news! is currently hiring and seeking a VAPT Pentester / Web Application Security to join their team. Feel free to download the job details.

Wait no longer! Are you also interested in exploring similar jobs? Search now: .

The Work Culture

An organization's rules and standards set how people should be treated in the office and how different situations should be handled. The work culture at NETSACH GLOBAL adheres to the cultural norms as outlined by Expertini.

The fundamental ethical values are:

1. Independence

2. Loyalty

3. Impartiapty

4. Integrity

5. Accountabipty

6. Respect for human rights

7. Obeying India laws and regulations

What Is the Average Salary Range for VAPT Pentester / Web Application Security Positions?

The average salary range for a varies, but the pay scale is rated "Standard" in Bengaluru. Salary levels may vary depending on your industry, experience, and skills. It's essential to research and negotiate effectively. We advise reading the full job specification before proceeding with the application to understand the salary package.

What Are the Key Qualifications for VAPT Pentester / Web Application Security?

Key qualifications for VAPT Pentester / Web Application Security typically include Computer Occupations and a list of qualifications and expertise as mentioned in the job specification. The generic skills are mostly outlined by the . Be sure to check the specific job listing for detailed requirements and qualifications.

How Can I Improve My Chances of Getting Hired for VAPT Pentester / Web Application Security?

To improve your chances of getting hired for VAPT Pentester / Web Application Security, consider enhancing your skills. Check your CV/Résumé Score with our free Tool. We have an in-built Resume Scoring tool that gives you the matching score for each job based on your CV/Résumé once it is uploaded. This can help you align your CV/Résumé according to the job requirements and enhance your skills if needed.

Interview Tips for VAPT Pentester / Web Application Security Job Success

NETSACH GLOBAL interview tips for VAPT Pentester / Web Application Security

Here are some tips to help you prepare for and ace your VAPT Pentester / Web Application Security job interview:

Before the Interview:

Research: Learn about the NETSACH GLOBAL's mission, values, products, and the specific job requirements and get further information about

Other Openings

Practice: Prepare answers to common interview questions and rehearse using the STAR method (Situation, Task, Action, Result) to showcase your skills and experiences.

Dress Professionally: Choose attire appropriate for the company culture.

Prepare Questions: Show your interest by having thoughtful questions for the interviewer.

Plan Your Commute: Allow ample time to arrive on time and avoid feeling rushed.

During the Interview:

Be Punctual: Arrive on time to demonstrate professionalism and respect.

Make a Great First Impression: Greet the interviewer with a handshake, smile, and eye contact.

Confidence and Enthusiasm: Project a positive attitude and show your genuine interest in the opportunity.

Answer Thoughtfully: Listen carefully, take a moment to formulate clear and concise responses. Highlight relevant skills and experiences using the STAR method.

Ask Prepared Questions: Demonstrate curiosity and engagement with the role and company.

Follow Up: Send a thank-you email to the interviewer within 24 hours.

Additional Tips:

Be Yourself: Let your personality shine through while maintaining professionalism.

Be Honest: Don't exaggerate your skills or experience.

Be Positive: Focus on your strengths and accomplishments.

Body Language: Maintain good posture, avoid fidgeting, and make eye contact.

Turn Off Phone: Avoid distractions during the interview.

Final Thought:

To prepare for your VAPT Pentester / Web Application Security interview at NETSACH GLOBAL, research the company, understand the job requirements, and practice common interview questions.

Highlight your leadership skills, achievements, and strategic thinking abilities. Be prepared to discuss your experience with HR, including your approach to meeting targets as a team player. Additionally, review the NETSACH GLOBAL's products or services and be prepared to discuss how you can contribute to their success.

By following these tips, you can increase your chances of making a positive impression and landing the job!

How to Set Up Job Alerts for VAPT Pentester / Web Application Security Positions

Setting up job alerts for VAPT Pentester / Web Application Security is easy with India Jobs Expertini. Simply visit our job alerts page here, enter your preferred job title and location, and choose how often you want to receive notifications. You'll get the latest job openings sent directly to your email for FREE!