Company Overview
SutiSoft Pvt. Ltd. is a leading provider of cloud-based business solutions, empowering organizations to streamline operations and enhance productivity. We specialize in developing and delivering innovative software across various domains, including expense management, HR solutions, and e-signature platforms. Our solutions are utilized by businesses of all sizes, across diverse industries, globally.
Role Overview
As a Security/Penetration Tester at SutiSoft, you will play a crucial role in safeguarding our applications and infrastructure from potential threats. You will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and providing actionable recommendations to enhance our security posture. This role involves collaborating closely with development, operations, and security teams to ensure the secure development and deployment of our applications. Your work will directly contribute to protecting our customers' data and maintaining the integrity of our services.
Key Responsibilities
- Conduct penetration testing and vulnerability assessments on web applications, mobile applications, APIs, and network infrastructure to identify security weaknesses.
- Analyze security findings and provide clear, concise, and actionable recommendations to development teams for remediation.
- Develop and maintain security testing methodologies, tools, and scripts to automate and improve the efficiency of security assessments.
- Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to proactively identify and mitigate potential risks.
- Collaborate with development teams to integrate security into the software development lifecycle (SDLC) and promote secure coding practices.
- Perform code reviews to identify security flaws and vulnerabilities in source code.
- Conduct security research and contribute to the development of security policies and standards.
- Participate in incident response activities and provide support for security investigations.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 0-3 years of hands-on experience in web application penetration testing.
- Demonstrated ability to perform penetration testing and vulnerability assessments on web applications, mobile applications, and APIs.
- Strong understanding of application security principles, OWASP Top 10 vulnerabilities, and common attack vectors.
- Proficiency in using security testing tools such as Burp Suite, OWASP ZAP, Metasploit, and Nmap.
- Familiarity with cloud security concepts and technologies, including AWS, Azure, and GCP.
- Knowledge of network security protocols and technologies, including TCP/IP, HTTP, SSL/TLS, and firewalls.
- Ability to analyze security findings and communicate technical information effectively to both technical and non-technical audiences.
- Excellent problem-solving and analytical skills with a strong attention to detail.
- Experience with reverse engineering and static/dynamic analysis is a plus.
- Certifications such as OSCP, CEH, or CISSP are a plus.
(ref:hirist.tech)