SQL/Application Injection Security Engineer
Role Category: Testing and Analytics
Role: SQL/Application Injection Security Engineer
Job Location: Jaipur
We are seeking a skilled SQL/Application Injection Security Engineer to join our team. The ideal candidate will have a strong background in SQL and application security, with the ability to identify and mitigate security vulnerabilities, particularly those related to SQL injection.
In this role, you will work closely with our development teams to enhance the security of our applications and ensure they are resilient against security threats.
- Utilize your expertise in SQL and database management systems to identify and remediate SQL injection vulnerabilities.
- Develop and test secure applications using programming languages such as Python, Java, or C/C++.
- Familiarity with web application security concepts, including common vulnerabilities like SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).
- Utilize security testing tools like OWASP ZAP, Burp Suite, or similar tools for identifying vulnerabilities and conducting security assessments.
- Apply knowledge of the OWASP Top Ten Web Application Security Risks to our applications.
- Implement security frameworks and best practices to prevent SQL injection and other security threats.
- Collaborate with development teams to implement secure coding practices and enhance application security.
- Proficiency in application security testing methodologies, including dynamic application security testing (DAST) and static application security testing (SAST).
- Identify and remediate vulnerabilities in applications and databases.
- Apply database security principles, access control, and encryption to safeguard our data.
- Maintain awareness of security standards and compliance requirements, such as GDPR, HIPAA, and PCI DSS.
- Respond to and remediate security incidents related to injection attacks.
- Effectively communicate with development teams, share findings, and provide recommendations for secure coding.
- Obtain relevant certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH), to enhance your expertise.
- In-depth knowledge of SQL and database management systems (e.g., MySQL, PostgreSQL, SQL Server).
- Proficiency in one or more programming languages, such as Python, Java, or C/C++.
- Familiarity with web application security concepts and common vulnerabilities.
- Experience with security testing tools like OWASP ZAP, Burp Suite, or similar tools.
- Knowledge of the OWASP Top Ten Web Application Security Risks.
- Familiarity with security frameworks and best practices for preventing SQL injection and other security threats.
- Ability to implement secure coding practices.
- Proficiency in application security testing methodologies (DAST and SAST).
- Experience in identifying and remediating vulnerabilities in applications.
- Knowledge of database security principles, access control, and encryption.
- Awareness of security standards and compliance requirements.
- Ability to respond to and remediate security incidents.
- Effective communication skills.
- Relevant certifications (CISSP, CEH) are a plus.