Creates security test approach and strategy from system requirements and design/product documents.
Research, POC and implement new security testing tools, procedures and processes
Analyze development enhancements, identify appropriate security testing coverage and adapt using automated security testing tools.
Test environment and data setup for security testing.
Perform ongoing release validation security testing, identify security defects and analyze root cause.
Responsible for creating and maintaining test evidence.
Plan, prepare and facilitate annual 3rd party vulnerability analysis to ensure industry compliance.
Must be able to take on leadership responsibilities and influence the direction of the security testing effort, its schedule and prioritization.
Research and document defect reports following agreed-upon processes immediately upon discovery of a security defect.
The Requirements
BE, BTech or MCA with minimum 4-5 years of experience in security testing field
Good understanding of Web & Mobile application development and related technologies such as REST, JavaScript, HTML5, AJAX, Microservice, Angular etc.
3+ years of hands-on experience with DAST scanning tools like IBM AppScan, Qualys, Netsparker, Acunetix etc. is a must.
Hands-on experience in penetration testing using tools like Burp Suite/OWASP ZAP is a must.
Hands-on experience with Mobile application/web application security testing is beneficial.
Well versed with secure coding practices and OWASP guidelines.
Knowledge of SAST scanning tools like Checkmarx, Fortify etc. will be an added advantage.
Experience with Kali Linux will be an added advantage.
Experience using an Android emulator like Genymotion will be an added advantage.
Working experience with Source/Version control systems (e.g., Git)
Good understanding of network protocols, design and operations
Working knowledge of Security principles, techniques and technologies
Experience in Agile development methodologies preferable.
Experience in employee benefits, insurance, finance or healthcare helpful
Experience with tools like Tenable Security/Wiz will be an added advantage
Soft skills/Behavioural skills:
Commitment - Should pull the team forward during trying times. Should have a positive attitude.
Teamwork and collaboration - Can switch roles based on the situation, sometimes being a leader and sometimes a good follower, monitoring progress, meeting deadlines and working with others across the organization to achieve a common goal.
Adaptability - Should have a passion for learning and the ability to continue to grow and stretch the skills to adapt to the changing needs of the organization.
Problem solving - Should have the urge to resolve problems personally rather than delegating them.
Resource Management - Needs to know how to use resources efficiently for the betterment of the assignments being led. Should have a good ability to effectively communicate and interact with other individuals on the team and all key stakeholders.