1. Over 6+ Years of hands-on experience in performing security assessments of web-based applications, web services (SOAP, REST etc.)
2. Good knowledge of manual code review, threat modeling and vulnerability identification
3. Experience in using tools like HP Web inspect/IBM Appscan/Acunetix and open source tools like burp, OWASP ZAP, CSRF tester etc.
4. Software Defect life cycle exposure.
5. Should be able to demonstrate valid PoC's to the development team.
6. Knowledge of current information security threats.
7. Conduct risk analysis and risk assessments on existing and proposed systems, document findings, and recommends risk mitigation strategies
8. Should be able to work independently with minimum guidance/supervision.
9. Good knowledge of security infrastructure components such as PKI, RMS, Active Directory, ADFS, Azure ACS, etc.
10. Experienced in Performance Testing Life Cycle i.e. Requirements analysis, Planning, Scripting and its enhancement, Design of Manual and Goal Oriented Scenarios, Test execution, and Performance Analysis.
11. Experienced in Correlation, Error Handling, Text and Image Checks, Rendezvous Points, Run Time Settings, Parameterization, Load Runner/J Meter Functions, web protocol functions, SAP GUI protocol functions etc.,
Education:UG -Any Graduate - Any Specialization
PG - Any Postgraduate - Any Specialization, Post Graduation Not Required
Doctorate - Any Doctorate - Any Specialization, Doctorate Not Required