Kubernetes (vanilla, EKS, AKS, OpenShift), CI/CD pipelines, and infrastructure as code (Terraform). Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP); secrets management tools like HashiCorp Vault; vulnerability management solutions such as Prisma Cloud; testing frameworks like Selenium. Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI
various IaaS, PaaS, SaaS, etc. Experience in DevSecOps and conducting end-to-end security testing of applications (web, mobile, other APIs). Experience with industry standard tools such as Fortify, Checkmarx, and practices for code reviews, static/dynamic code analysis, and vulnerability assessments. Knowledge of OWASP Top 10, SANS 25, NVD, CVE, etc. Experience with code languages and frameworks (Java
in manual penetration testing, particularly in web and mobile applications. Strong understanding of security frameworks like OWASP Top 10 and NIST Standards. Proficiency in using security tools like Burp Suite, ZAP, Metasploit, Checkmarx, and AppScan. Hands-on experience with DAST and SAST tools such as IBM AppScan, HP WebInspect, and Acunetix for vulnerability assessments. Practical experience with AWS services (EC2, S3, KMS, RDS) and security best practices … outline security risks, and develop remediation plans. Perform code reviews to detect vulnerabilities and enforce secure coding standards, especially in Java, Python, and Objective C. Utilize tools such as Burp Suite and Checkmarx for security testing, as well as manual testing for identifying issues like XSS, SQLi, CSRF, etc. Provide feedback on application architecture regarding network security, SSL/TLS configurations, and cloud security best practices. Stay