Encora is hiring a
Security Test Engineer

Summary

Join our team as a Security Test Engineer in Chennai, working on hybrid mode. You will work with clients to determine their testing requirements and develop automated test scripts. The ideal candidate has 5-7 years of experience in security testing and analysis.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field
• 5-7 years of practical experience in Security testing and analysis
• Expert in using security testing tools such as Kali Linux, Nmap, Burp Suite, Arachni, Nesus, Nikto, Acunetix, Metasploit, exploit-DB etc
• Expert-level knowledge in Vulnerability Assessment using industry-leading best practices and tools
• Expert in creating security testing strategies and compliance frameworks for the clients
• Demonstrated proficiency in automated testing and utilizing test automation tools like Selenium, Appium, JUnit, and TestNG
• Thorough understanding of penetration testing methodologies, tools, and industry best practices
• Familiarity with security assessment tools such as Burp Suite and OWASP ZAP
• Knowledge of security vulnerabilities (e.g., OWASP Top Ten) effective mitigation strategies
• Proficiency in programming languages such as Java or Python
• Possession of relevant certifications like Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP) is advantageous

Responsibilities

• Work with clients to determine their requirements from the test, for example, the number and type of systems they would like pen testing to be done
• Expert-level knowledge in applying different kinds of security exploits for advanced threat detection
• Develop and maintain automated test scripts, collaborate for CI/CD integration, and create comprehensive test plans
• Conduct regular penetration tests, provide detailed reports, and recommend security enhancements
• Carry out remote testing of a clients network or on-site testing of their infrastructure to expose weakness in security
• Evaluate application, network, and infrastructure security, perform code reviews, and promote secure coding practices
• Document testing procedures, promote security awareness, and provide training on testing techniques
• Communicate testing results and security recommendations to stakeholders, and present progress reports