
Senior Security Engineer @ AIS business solution


Job Description

Job Title - Security Test Engineer

Job Type: Full-time
Experience: 5+ Years
Location - Gurgaon

Roles & Responsibilities:

Perform Security Assessments: Conduct various types of security testing,
including:
1. Penetration Testing: Perform black-box, gray-box, and white-box penetration
testing on web applications, APIs, mobile applications (iOS/Android), and
network infrastructure.
2. Vulnerability Assessments: Utilize automated and manual techniques to
identify security weaknesses.
3. Static Application Security Testing (SAST): Analyze source code to identify
potential vulnerabilities.
4. Dynamic Application Security Testing (DAST): Test applications in a running
state and identify vulnerabilities.
5. Interactive Application Security Testing (IAST): Combine elements of SAST and
DAST for comprehensive testing.
6. Configuration Reviews: Assess the security posture of various systems and
applications.
7. Threat Modeling: Participate in threat modeling sessions to identify potential
attack vectors and vulnerabilities early in the development lifecycle.
8. Vulnerability Management:
- Document identified vulnerabilities clearly and concisely, including steps to
reproduce, impact, and severity.
- Communicate findings to development teams and stakeholders effectively.
- Track and manage vulnerabilities through their lifecycle, from discovery to
remediation and retesting.
- Provide guidance and recommendations to development teams on remediation
strategies.

9. Security Tooling & Automation:
- Utilize and configure security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus,
Acunetix, Fortify, Checkmarx, Metasploit).
- Develop and implement automated security tests and scripts to improve efficiency.
- Stay up-to-date with the latest security testing tools, techniques, and best
practices.
10. Collaboration & Communication:
- Collaborate closely with development, DevOps, QA, and product teams to
integrate security into the SDLC (Secure SDLC).
- Educate and mentor developers on secure coding practices and common vulnerabilities.
- Participate in security code reviews.
- Present security findings and recommendations to technical and non-technical
audiences.
11. Research & Development:
- Stay informed about emerging security threats, attack vectors, and industry
trends.
- Contribute to the improvement of security testing methodologies and processes.
- Participate in security community activities, conferences, and training.

Required Skills & Qualifications:

- Education: Bachelor's degree in computer science, Information Security, or a
related field (or equivalent practical experience).


- Experience:
Mid-Level: 3-6 years of experience in security testing, penetration testing, or
application security.
Senior Level: 6+ years of experience in security testing, leading penetration
testing engagements and architecting secure solutions.

Technical Skills:

- Strong understanding of web application security vulnerabilities (e.g., OWASP
Top 10, SANS Top 25).
- Proficiency with security testing tools (e.g., Burp Suite, OWASP ZAP, Nmap,
Metasploit).
- Experience with various operating systems (Linux, Windows).
- Familiarity with scripting languages (e.g., Python, Ruby, PowerShell, Bash).
- Understanding of network protocols, firewalls, and intrusion
detection/prevention systems.
- Knowledge of secure coding principles and common programming languages
(e.g., Java, Python, C#, JavaScript, Node.js).
- Experience with cloud security (AWS, Azure, GCP) is a strong plus.
- Familiarity with CI/CD pipelines and integrating security into automated workflows.

Soft Skills:
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical audiences.
- Ability to work independently and as part of a team.
- High attention to detail and a methodical approach to testing.
- Curiosity and a strong desire to learn and stay current with security trends.

Desired Certifications (Plus, but not required):
- OSCP
- OSWE
- CEH (Certified Ethical Hacker)
- CompTIA Security+
- SANS certifications (e.g., GWEB, GWAPT, GPEN)
- CSSLP (Certified Secure Software Lifecycle Professional)

Job Classification

Industry: Financial Services
Functional Area / Department: Engineering - Software & QA
Role Category: Quality Assurance and Testing
Role: Quality Assurance and Testing - Other
Employment Type: Full time

Contact Details:

Company: AIS business solution
Location(s): Noida, Gurugram



Keyskills:   Database Testing Performance Testing automated testing tools Vapt Sast Black Box Manual Testing Vulnerability Assessment Agile Testing Security Testing QA Testing Penetration Testing OWASP Application Security Testing Scrum White Box Testing SQL Scripting Dast


₹ -15 Lacs P.A


AIS business solution

AIS is a Texas-based fintech firm committed to lowering operating costs, improving quality and reducing cycle time with back-office automation, highly skilled talent and standardized reporting and analytics solutions. AIS manages the day-to-day work so our clients can focus on growing their busin...