SKILLS, KNOWLEDGE & EXPERTISE

BS degree or above in Computer Science, Information Security, or related field (or equivalent experience).

• Proven experience in penetration testing, red teaming, or ethical hacking in SaaS/cloud environments.
• Good knowledge of Java and Java Enterprise technologies (architecture, design, development).
• Strong programming, debugging, and optimization skills; solid understanding of OOP fundamentals.
• Experience with Spring MVC / Spring Boot, Hibernate / JPA, DB schema design, caching services, and data access technologies.
• Familiarity with Cloud Foundry, Kubernetes, Docker, and securing containerized applications.
• Hands-on with cloud platforms (AWS, Azure, or GCP), including cloud security controls.
• Knowledge of authentication, authorization, encryption, and secure API design.

• Experience with penetration testing tools (Burp Suite, Metasploit, Kali, etc.) and vulnerability scanners.

• • Understanding of common vulnerabilities (e.g., OWASP Top 10, SANS 25).

Strong written/verbal communication skills to document findings and present results to clients and stakeholders.

• Excellent teamwork and collaboration skills; proactive and flexible self-starter.

• • Fluent in English (oral and written).

KEY RESPONSIBILITIES

Plan, execute, and document penetration tests against applications, APIs, and cloud infrastructure in a SaaS environment.

• Simulate real-world attacks to identify vulnerabilities and provide clear remediation guidance to development teams.

• • Partner with product and engineering teams to embed security throughout the SDLC.Conduct threat modeling and security architecture reviews for the new features.
• Conduct code reviews with a focus on secure coding practices.
• Manage and operate security tools for vulnerability scanning, SAST/DAST, and log monitoring.
• 
  
  
  
• Support compliance, risk assessments, and client security reviews.

• Provide training and guidance on secure design, coding, and deployment.