DAST Application Security Testing

- This role is responsible for delivering comprehensive dynamic application security testing services to support project and business requirements.

- Demonstrated expertise in application vulnerability assessment and penetration testing, with strong exposure to ethical hacking techniques and industry standards such as OWASP Top 10, NIST, OSSTMM, and OSINT.

- Strong understanding of application frameworks, runtime behavior, and input validation mechanisms, including the role of sanitizers and filters in preventing vulnerabilities.

- Solid knowledge of core security concepts, including authentication and authorization mechanisms, cryptographic libraries, secure coding practices, and server-side security controls.

- Ability to identify, analyze, and clearly explain security vulnerabilities, including associated risk and impact, to both technical and non-technical stakeholders.

- Document identified vulnerabilities with clarity and accuracy, and actively collaborate with application development teams to support effective remediation.

- Hands-on experience with DAST and offensive security tools such as IBM AppScan, Burp Suite, and open-source toolsets including Kali Linux.

- Apply a risk-based approach to translate technical security findings into meaningful business risks and prioritized remediation actions.

- Evaluate, recommend, and propose security testing tools and techniques to enhance the quality and effectiveness of dynamic security testing activities.

- Demonstrate strong verbal and written communication skills, with the ability to engage diverse audiences, ask insightful questions, and deliver high-impact presentations.

- Possession of at least one industry-recognized security certification is mandatory; OSCP is highly preferred.

Prior exposure to the banking or financial services domain is an added advantage.