Lead Security Tester Azure IRC252338

Description

Perform security penetration testing and vulnerability assessment for web and Micro services applications.

• Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality
• Able to identify the combination of different vulnerability while execution of test scenarios/test cases
• Good knowledge of automation to be used for security testing.
• Strong understanding of cloud security practices in environments like AWS, Azure, or GCP.
• Proven experience in identifying and exploiting business logic and framework related vulnerabilities
• Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports
• Knowledge of Secure SDLC and Security standards like OWASP, CWE
• Provide expert advice and recommendation to the application development team
• Extensive experience in addressing WEB and API application security issues
• Strong knowledge of Application Security throughout the SDLC
• Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc.
• Strong knowledge in OWASP TOP 10 vulnerability standards
• Strong experience in cloud technologies especially in Azure
• Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security.
  
  
  

Requirements

Perform security penetration testing and vulnerability assessment for web and Micro services applications.

• Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality
• Able to identify the combination of different vulnerability while execution of test scenarios/test cases
• Good knowledge of automation to be used for security testing.
• Strong understanding of cloud security practices in environments like AWS, Azure, or GCP.
• Proven experience in identifying and exploiting business logic and framework related vulnerabilities
• Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports
• Knowledge of Secure SDLC and Security standards like OWASP, CWE
• Provide expert advice and recommendation to the application development team
• Extensive experience in addressing WEB and API application security issues
• Strong knowledge of Application Security throughout the SDLC
• Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc.
• Strong knowledge in OWASP TOP 10 vulnerability standards
• Strong experience in cloud technologies especially in Azure
• Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security.
  
  
  

Job responsibilities

Perform security penetration testing and vulnerability assessment for web and Micro services applications.

• Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality
• Able to identify the combination of different vulnerability while execution of test scenarios/test cases
• Good knowledge of automation to be used for security testing.
• Strong understanding of cloud security practices in environments like AWS, Azure, or GCP.
• Proven experience in identifying and exploiting business logic and framework related vulnerabilities
• Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports
• Knowledge of Secure SDLC and Security standards like OWASP, CWE
• Provide expert advice and recommendation to the application development team
• Extensive experience in addressing WEB and API application security issues
• Strong knowledge of Application Security throughout the SDLC
• Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc.
• Strong knowledge in OWASP TOP 10 vulnerability standards
• Strong experience in cloud technologies especially in Azure
• Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security.
  
  
  

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders.

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.