Security Analyst - API Security

Lennox India Technology Centre

5 - 7 years

0 Lacs

Chennai Tamil Nadu India

Posted:3 weeks ago| Platform:

Apply

Skills Required

security api testing analyze triage rest graphql test devops linux sqlmap sql html mobile iot

Work Mode

On-site

Job Type

Full Time

Job Description

Roles and Responsibilities:

Perform
Dynamic Application Security Testing (DAST)
on web applications and APIs (manual and tool-based).
Analyze DAST scan results,
identify and prioritize vulnerabilities
based on risk.
Participate in
triage meetings
with application teams to explain and document findings.
Lead
deep API security testing
(REST, SOAP, GraphQL), identifying flaws like BOLA, token leakage, replay attacks, etc.
Conduct
manual penetration testing
using offensive tools and custom payloads.
Craft
custom exploit chains
for vulnerabilities such as deserialization, command injection, and broken access controls.
Maintain
custom scripts, payloads, and test cases
to simulate real-world attacker scenarios.
Possibly perform
Static Application Security Testing (SAST)
and understand differences from DAST.
Document
testing procedures, findings, and remediation
efforts.
Communicate security findings
to both technical and non-technical stakeholders.
Collaborate with
DevOps, developers, and security teams
to address issues.
Participate in
process improvements
and develop long-term testing strategies.

Requirements:

5 to 7 years
of hands-on experience in web application security testing.
Strong knowledge in:
Web & API penetration testing.
DAST & SAST methodologies.
API security concepts and testing.
Proficiency in offensive security tools and
Kali Linux tools
(e.g., SQLMAP, Dirbuster).
Experience in identifying and exploiting
common vulnerabilities
(SQL Injection, XSS, CSRF, etc.).
Understanding of
HTML, JavaScript
.
Bonus for experience with:
Front-end tech:
.NET, Java
Back-end tech:
Oracle
Mobile or IoT app testing.
Bug bounty programs.
Familiarity with tools like:
DAST:
Burp Suite, NetSparker
SAST:
Checkmarx, Veracode, Fortify
Clear written and verbal communication
skills.
Any
relevant certifications
(e.g., OSCP, OSWE, GWAPT, CREST) are a plus.
Experience with
Red Teaming/adversary emulation
is a strong advantage.

More Jobs at Lennox India Technology Centre

Sr. Engineer - VAVE

Chennai, Tamil Nadu, India

130.0 - 130.0 yrs

Salary: Not disclosed

Social Media Analyst

Greater Chennai Area

130.0 - 130.0 yrs

Salary: Not disclosed

Sr. Engineer - VAVE

Chennai, Tamil Nadu, India

5.0 - 5.0 yrs

Salary: Not disclosed

Senior Analyst - ERP

Greater Chennai Area

130.0 - 130.0 yrs

Salary: Not disclosed

Sr. Electrical Design Engineer

Chennai, Tamil Nadu, India

1.0 - 1.0 yrs

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start DevOps Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.