Working knowledge of application security assessment and applicable review methodologies.

Job Description

• Perform manual and automated application vulnerability assessments and document vulnerabilities which were found and provide recommendations for remediation.
• Exhibit extensive knowledge and ability to perform industry standard web application penetration testing methods, including OWASP guides.
• Participate in the change management process ensuring that all releases are reviewed by security before being approved for production.
• Ability to analyze security issues (both white-box and black-box), determine its cause and impact to the business and identify the corrective action needed to eliminate and prevent the event for the future.
• Work with IT Security team members and the development teams to design mitigations for identified weaknesses.
• Contribute to and help to further develop application security frameworks and standards.
• Break the code to find and fix flaws that developers may have missed.
• Help the engineering teams fix security issues.
• Mentor the  engineering team to write more secure code.
• Assist with other organization security projects and tasks as required.
• Monitor and evaluate security controls throughout the business.
• Drive the efforts to automate operational security.

Qualifications

• 3+ years of experience in a similar role in a relevant software or internet service industry.
• Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field.
• Experience in both vulnerability research and penetration testing.
• Passion for finding security deficiencies in applications or people/processes.
• Working knowledge of application security assessment and applicable review methodologies.
• Knowledge of application-level attacks and mitigation methods.
• Good knowledge of vulnerabilities and exploits.
• Managing and prioritizing multiple tasks in accordance with high level objectives.
• Knowledge of relevant business or compliance drivers that obviate the need for security tooling or processes.
• Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols and applied cryptography.
• Experience using Burp Suite to perform security assessments.
• Good knowledge of Internet systems and technologies such as SOAP/REST web services, .NET Framework, debuggers, Java Script, TCP/IP, OSI Model etc...
• Experience with scripting languages (Bash, PowerShell, etc.).
• Able to drive consensus amongst technically strong but differing groups.
• Profound love of breaking things in order to make them stronger.
• Open to work in international, multilingual environment.
• Proficient in English.

Additional Information

Give your career a boost! Join an outstanding team of talented individual working on a project that makes sense...

Terms: Full time position

Beginning: ASAP

Location: Mauritius

For more information about EcoVadis please visit our site: www.ecovadis.com