Security Analyst Job in Thrissur at Valuementor

Valuementor is hiring for the role of Security Analyst!

Responsibility of the Candidate:

• Assist in performing web application penetration tests (both manual and automated) on internal and external web applications.
• Identify, exploit, and document web vulnerabilities (e.g., SQL injection, XSS, CSRF, etc.) under guidance.
• Conduct vulnerability assessments using automated web application testing tools like OWASP ZAP, Burp Suite, and other relevant tools.
• Analyze web application architectures and workflows to identify security risks.
• Document findings, security weaknesses, and suggested remediation steps in detailed reports.
• Collaborate with senior team members to refine findings and deliver professional-grade reports to clients.
• Utilize tools such as Burp Suite, OWASP ZAP, Nikto, and Nmap for web security testing.
• Ensure that testing tools and systems are kept up-to-date to ensure efficiency and coverage of emerging vulnerabilities.
• Stay updated with the latest web security threats, exploits, and penetration testing techniques.
• Participate in internal training sessions, contribute to team knowledge sharing, and expand your knowledge of web application security.
• Follow industry standards such as OWASP Top 10, PTES, and other relevant guidelines during assessments.
• Adhere to internal and client-specific security policies, ensuring compliance with industry best practices and security regulations.

Requirements:

• Basic understanding of web application security concepts and common vulnerabilities.
• Familiarity with web penetration testing tools like Burp Suite, OWASP ZAP, Nikto, and others.
• Knowledge of common web application attack vectors (e.g., SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF)).
• Ability to analyze and identify vulnerabilities in web technologies (e.g., HTML, JavaScript, HTTP, APIs).
• Strong communication skills, including the ability to document findings clearly and concisely.
• Willingness to stay up-to-date with the latest trends in web security and penetration testing.
• Experience with basic web security testing or bug bounty programs.
• Knowledge of OWASP Top 10 vulnerabilities and web security best practices.
• Exposure to common web technologies like HTML, CSS, JavaScript, and web frameworks (e.g., React, Angular, Node.js).
• Familiarity with basic network security tools like Wireshark, Nmap, and others.