We are seeking a highly motivated and skilled Junior Web/Mobile Application Security Tester, also known as an Ethical Hacker, to join our dynamic team. In this role, you will be responsible for conducting application security assessments, following industry best practices such as OWASP Top 10, to identify security vulnerabilities and potential security bugs. You will prepare comprehensive bug reports for website owners and collaborate with them to ensure satisfactory remediation. Additionally, you will conduct re-tests to verify the effectiveness of implemented security measures.
Responsibilities:
Perform comprehensive application security assessments using industry-standard methodologies, including OWASP Top 10, to identify security vulnerabilities.
Prepare detailed bug reports highlighting identified security issues and recommended remediation strategies.
Collaborate with website owners and development teams to ensure effective remediation of security vulnerabilities.
Conduct re-tests to verify the successful implementation of security measures and confirm the effectiveness of remedial actions.
Stay up to date with the latest security trends, vulnerabilities, and hacking techniques to enhance the overall security posture of our applications.
Effectively communicate and document findings, recommendations, and remediation progress to both technical and non-technical stakeholders.
Required Skills and Qualifications:
Solid understanding of security assessment techniques, including API security, authentication token security, and workflow process security.
Experience using industry-standard security tools such as Burp or equivalent tools for conducting vulnerability assessments and penetration testing.
Strong knowledge of web and mobile application security best practices, frameworks, and vulnerability identification techniques.
Familiarity with common web and mobile application vulnerabilities, such as cross-site scripting (XSS), SQL injection, and session management flaws.
Ability to analyze and interpret application security assessment results, and effectively communicate findings to technical and non-technical stakeholders.
Strong problem-solving and analytical skills, with a keen eye for detail.
Excellent written and verbal communication skills.
Preferred Certifications:
Certified Ethical Hacker (CEH)
Offensive Security Certified Professional (OSCP)
Offensive Security Web Exploit (OSWE) or equivalent certifications
Note: Equivalent certifications or relevant work experience will also be considered.