ppl-dynamics
Senior Information Security Engineer
Job description
Key Responsibilities
•
Perform web application, API, and mobile application penetration testing using industry-leading methodologies (OWASP, PTES, etc.).
•
Conduct network penetration testing and infrastructure security assessments.
•
Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements, document findings, and recommend remediations.
•
Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.
•
Develop, enhance, and maintain security testing frameworks and tools .
•
Review and validate security patches, mitigations, and fixes.
•
Stay updated on the latest attack techniques, exploits, and threat landscapes to enhance testing methodologies.
•
Collaborate with cross-functional teams to support security awareness and risk reduction efforts.
Required Skills & Qualifications
•
46 years of experience in Information Security, with a focus on application and network penetration testing .
•
Hands-on experience with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Nessus, and other manual testing tools .
•
Deep understanding of OWASP Top 10 , SANS Top 25 , and common exploitation techniques.
•
Experience in secure SDLC practices and working with development teams to resolve findings.
•
Strong knowledge of mobile application security (iOS and Android) and API testing methodologies .
•
Excellent report writing and communication skills for both technical and non-technical stakeholders.
Preferred Certifications (1 or more)
•
OSCP (Offensive Security Certified Professional)
•
OSWE (Offensive Security Web Expert)
•
eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)
•
PNPT (Practical Network Penetration Tester)
•
HTB CPTS (Certified Penetration Testing Specialist)


