CME Group Recruitment for Application Penetration Testers at Bangalore

Required Experience

• Experience performing whitebox application penetration testing (Web, APIs, Mobile, Thick clients); or ability to demonstrate equivalent knowledge.
• Excellent skills with application security testing tools such as: Burpsuite, OWASP ZAP, SQLMap, IDA Pro, Kali, etc.
• Experience performing manual application source code security reviews for various languages such as: JAVA, .Net (C#, VB#), C++.
• Experience with UNIX or Linux.
• Experience with scripting languages such as: Python, bash, Powershell, etc.
• Knowledge of containers and cloud technologies.
• Have a passion for application security, willingness to continue growing your skills in this domain, and be able to share your passion and learnings with teammates.
• Self-motivated and a self-starter. If you have a question, be pro-active in finding the answer and communicate your learnings with teammates.
• Excellent oral and written communications skills.

Preferred Experience

• Experience working with containers and container orchestration tools
• Experience working in a DevSecOps and Continuous Integration/Continuous Delivery (CI/CD) environment.
• OSCP/OSWE, GWAPT, GMOB, GPYC, or other relevant security certifications are a plus.

Principal Accountabilities

• Perform manual application penetration testing at key points in the Software Development Life Cycle (SDLC).
• Produce documentation (reports) and present the findings discovered during your security assessments.
• Provide application security consulting services at critical points in the SDLC.
• Have an interest in continuing your education and staying current within the application security domain.