Security Testing - Quality Engineer

Job Summary

Cognizant Technology Solutions Asia Pacific Pte. Ltd
IT/Computers - Software
Years of Experience
6 - 8 years
Posted On
27th Aug 2019
Application Security, Penetration Testing, Source code review, HTTP, SOAP, WSDL, REST, SSL, Java, .Net

Job Description:

Job Description:

• Responsible for conducting application security testing

• Subject matter expert for application team in terms of application security

• Responsible for performing dynamic and static application security testing focusing on vulnerabilities assessments, static analysis and penetration testing using automated and manual tools.

• Produce clear but detailed test reports which shows conclusions of testing

• Review test results and analyse data to understand software risk and areas of concern

• Prepares, maintains and execute technical security plans

• Explain and demonstrate application vulnerabilities and provide recommendations for mitigation

• Communicate and provide advisory on security vulnerabilities with project team and stake holders

• Work with DevOps to automate application security tests into DevSecOps and Continuous Integration process

• Work with application development team to review codes, improve and educate team on secure coding

• Share security related information and expertise within the project team through on the job coaching, pairing, formal/informal classroom training or sharing

• Conduct internal and external security and compliance review on information assets

• Monitor regulatory requirement & technology advances to identify relevant trends & threats

Job Requirements

• Degree or Diploma in Computer Science, Information Technology, Digital Media or related disciplines

• Possess professional certification such as CISSP, OSCP, CREST, CEH, CPTC, SAN, ISTQB CFTL or other relevant certification will be an added advantage.

• Minimum 2 years’ experience in secure code review in at least one of the following programing language/environment such as Ruby, Java, .Net, and/or Node.JS.

• Minimum 3 years’ experience in penetration testing on web application.

• Familiar with HTTP, SOAP, WSDL, REST, SSL standards, security models and common API client architecture

• Familiar with common web application vulnerabilities and technical knowledge to address and mitigate vulnerabilities

• Familiar with industrial security testing tools such as but not limited to Checkmarx, WebInspect, Fortify Suite, Burp Suite, Nessus, Kali Linux

• Experienced in secure scrum, agile testing environment will be an added advantage

• Good communication and interpersonal skills

• Good analytical and writing skills

• Good team player and meticulous"


About Us:

Cognizant is a global leader in business and technology services that helps Clients bring the future of work to life – today – in a business environment that is being transformed by accelerating globalization, virtualization, and the shift toward cloud technologies.

We continuously seek the “best and the brightest” when we recruit new employees, and we’re consistently an “employer of choice” at leading engineering and business schools around the world. Our domain industry specialists have well-established backgrounds working with companies in the industries we serve.

Our teams and their talent are a principle reason that we consistently outperform the competition.