Functional Manager - BAS/CART

Date: May 16, 2025

Location: NAVI MUMBAI, IN

Company: icicisecur

BAS / CART / Red teaming / PT / Black box / Grey box / WAF

 

Key Responsibilities:

 

  1. Hands-on experience with popular security tools – Nmap, Nessus, Kali, Metasploit, Burp Suite, Netsparker, Fortify/Checkmarx, SonarQube, threat modelling tools.
  2. Have worked on BAS & CART tools to perform tests on different technologies to identify misconfigurations.
  3. Provide technical recommendations with compensatory controls to mitigate misconfigurations.
  4. Mobile application vulnerability assessment and penetration testing (iOS and Android); application security controls for mobile applications as per SANS and OWASP Top 10.
  5. Knowledge of web application security testing (black, white and grey box).
  6. Knowledge of and hands-on experience with API security testing.
  7. Thorough understanding of vulnerability assessment and sharing the mitigation / recommendation for identified security weaknesses.
  8. Experience with OWASP Top 10, SANS 25, static/dynamic analysis, and common security tools.
  9. Experience in AWS, Docker, EKS/Kubernetes security
  10. Hands-on knowledge of DevSecOps and related tools and methodology.
  11. Good at reporting and tracking closure of open application-related findings.
  12. Good knowledge of threat modelling and understanding the different attacks as per various models such as STRIDE, etc.
  13. Coordinate with stakeholders; build and maintain positive working relationships with them.