The Application Security Tester (VA/PT) plays a key role in enhancing application security through proactive assessment, monitoring and collaboration. Primary responsibilities include executing vulnerability assessments, conducting penetration testing and supporting threat analysis within the SDLC. This role assists in developing secure coding practices and ensuring adherence to security standards such as ISO 27001 and OWASP.

Key Responsibilities:

  • Perform vulnerability scans and penetration tests on applications and systems.
  • Assist in developing threat models for critical applications and identifying potential attack vectors.
  • Analyze security incidents and support incident response efforts.
  • Review code for security flaws and provide guidance on secure coding practices.
  • Support secure SDLC implementation, including code reviews.
  • Monitor and track application vulnerabilities, providing regular reports to senior security teams.
  • Assist in managing security tools and automation for improved efficiency.
  • Stay up-to-date on emerging threats and security trends.
  • Participate in security awareness initiatives and training.
  • Integrate security measures into the DevSecOps pipeline to ensure continuous security.
  • Understand and apply industry standards and frameworks (e.g., ISO 27001, OWASP Top 10).
  • Basic knowledge of security compliance requirements (GDPR, PCI DSS).

Requirements:

  • Candidates holding certifications such as CEH, CompTIA Security+, CPTE will have an added advantage when applying for the Junior Application Security Analyst position.
  • Bachelor's or Master's degree in Computer Science, Information Security or a related field.
  • 2-3 years of experience in application security roles, focusing on threat analysis, vulnerability assessment and secure development.
  • Proficiency in application security tools for static and dynamic analysis, vulnerability scanning and penetration testing.

Technical Skills:

  • Knowledge of penetration testing and vulnerability assessment tools like Burp Suite, Metasploit, and OWASP ZAP.
  • Familiarity with web application technologies (e.g., JavaScript, Java, .NET).
  • Understanding of web security vulnerabilities (e.g., XSS, SQL Injection, CSRF).
  • Experience with vulnerability management, threat detection and analysis platforms and tools such as Nessus, Qualys and Kali Linux.
  • Basic knowledge of secure coding standards and practices.

Non-Technical Skills:

  • Strong problem-solving and analytical abilities.
  • Excellent written and verbal communication skills.
  • Ability to work collaboratively in cross-functional teams.
  • Detail-oriented with a strong focus on security and risk mitigation.

Job Details

Functional Area:
Total Positions: 1 Post
Job Shift: First Shift (Day)
Job Type:
Department: Deployment & Configuration
Job Location:
Gender: No Preference
Age: 18 - 50 Years
Minimum Education: Bachelors
Degree Title: Bachelor's or Master's degree in Computer Science, Information Security or a related field.
Career Level: Experienced Professional
Minimum Experience: 2 Years (Relevant experience shall be preferred)
Apply Before: Nov 26, 2024
Posting Date: Nov 15, 2024

Pakistan Revenue Automation (Pvt) Ltd

Information Technology · 1001-1500 employees - Islamabad

Pakistan Revenue Automation (Pvt.) Ltd. (acronym: PRAL) has extensive experience working with federal and provincial tax and revenue agencies to provide a wide variety of tax and revenue collection solutions. Since its incorporation in June 1994, PRAL has been involved in the development of a wide array of tax and revenue related solutions pertaining to Income Tax, General Sales Tax, Federal Excise, Customs, Capital Value Tax, Provincial Sales Tax & Services, etc. Over more than two decades of service, PRAL has gained valuable experience in increasing the efficiency and efficacy of tax and revenue agencies through the use of the latest Information and Communication Technologies with Business Process Improvement / Re-engineering. PRAL has also proven its expertise in the areas of software development, project management, technical advisory and consulting services, managing data centers, large database management, network administration, software implementations, training and data entry services. This wide spectrum of services helps our valued customers who are looking for One-Stop Shop solutions from conceptualization to post-implementation operations. The essence of PRAL’s business strategy is to develop sustainable partnerships with its customers, thus acting as a catalyst in transforming and adapting its IT solutions and integrating these into the “New Wave of Technological Innovations” to meet the global requirements of tax and revenue agencies.
