Monitor and analyze security incidents and threats to protect company data and systems. Develop and implement security measures to prevent unauthorized access and breaches. Collaborate with IT teams to identify vulnerabilities and strengthen overall security infrastructure.

Skills

• Burp Suite
• OWASP ZAP
• HTML
• JavaScript
• HTTP
• CSS

Requirements

• Job Role Security Analyst
• Job Type Full Time
• Workplace Type Onsite
• Industry Computer and Network Security

Secondary locations

About

Not provided

Responsibilities

• As a Security Analyst specializing in Web Penetration Testing, you will assist in identifying vulnerabilities and assessing the security posture of web applications. You will work closely with senior team members to enhance your skills, perform web penetration testing, and contribute to delivering high-quality security assessments.
• Assist in performing web application penetration tests (both manual and automated) on internal and external web applications.
• Identify, exploit, and document web vulnerabilities (e.g., SQL injection, XSS, CSRF, etc.) under guidance.
• Conduct vulnerability assessments using automated web application testing tools like OWASP ZAP, Burp Suite, and other relevant tools.
• Analyze web application architectures and workflows to identify security risks.
• Document findings, security weaknesses, and suggested remediation steps in detailed reports.
• Collaborate with senior team members to refine findings and deliver professional-grade reports to clients.
• Utilize tools such as Burp Suite, OWASP ZAP, Nikto, and Nmap for web security testing.
• Ensure that testing tools and systems are kept up-to-date to ensure efficiency and coverage of emerging vulnerabilities.
• Stay updated with the latest web security threats, exploits, and penetration testing techniques.
• Participate in internal training sessions, contribute to team knowledge sharing, and expand your knowledge of web application security.
• Follow industry standards such as OWASP Top 10, PTES, and other relevant guidelines during assessments.
• Adhere to internal and client-specific security policies, ensuring compliance with industry best practices and security regulations.

Other Requirements

• Basic understanding of web application security concepts and common vulnerabilities.
• Familiarity with web penetration testing tools like Burp Suite, OWASP ZAP, Nikto, and others.
• Knowledge of common web application attack vectors (e.g., SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF).
• Ability to analyze and identify vulnerabilities in web technologies (e.g., HTML, JavaScript, HTTP, APIs).
• Strong communication skills, including the ability to document findings clearly and concisely.
• Willingness to stay up-to-date with the latest trends in web security and penetration testing.
• Experience with basic web security testing or bug bounty programs.
• Knowledge of OWASP Top 10 vulnerabilities and web security best practices.
• Exposure to common web technologies like HTML, CSS, JavaScript, and web frameworks (e.g., React, Angular, Node.js).
• Familiarity with basic network security tools like Wireshark, Nmap, and others.

Good to have

Not provided

About the Company

ValueMentor is a full-fledged Cyber Security Partner helping organizations worldwide to effortlessly manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.