The Company -- Castellum Labs is a Next Gen Cyber Security Technology Venture that started in 2018, from Hyderabad, India with global ambitions, to change the cybersecurity service model. The company's vision is to change the cybersecurity value model in the industry. They use SaaS platforms, advanced lab infra in the cloud and a team of specialized experts to deliver long-term value. Castellum Labs' primary focus areas in Cyber Security are application security, network and infra security, cloud security, threat detection and response, and Darkweb monitoring and OSINT. Opportunity -- Castellum Labs is Hiring Application Security Engineers and Sr. Application Security Engineers for a new age Cyber Security Company, Castellum Labs. We are a deep tech driven cyber security services company based out of Hyderabad. Please check our LinkedIn Page .... Follow our page for exceptional knowledge pieces and job opportunities. What We Do in AppSec -- Application Security is one of our core areas, with a lot of focus. We have handled some of the largest and most complex application security engagements during last three to four years. We specialize across entire spectrum of application security, SAST, DAST, Code Review, Tools Integration, App Data Security and DevSecOps. We offer Advanced Application Security Services to customers world-wide, using a unique set of approach and model. We deliver high quality AppSec using a Specialized and Secure AppSec Lab and an advance cloud based AppSec Platform, appFORT. We have developed our own AppSec Methodology (RisQ), which combines threat modeling for software, multiple AppSec frameworks and risk reduction process, to deliver exceptional AppSec coverage. If you would like to go beyond Penetration Tester type of AppSec career, please apply !! Positions, Location and Joining -- Number of Positions -- >> 10 Joinin Time for Positions -- >> Immediate Experience Needed -- >> 1 to 5 Years Location of Positions -- >> Hyderabad Experience Needed Summary -- >> Vulnerability Detection, Pen Testing, App Testing (Dynamic & Static), Scan tools, etc. We would like the candidates, who have understood the exploit model for web/applications well and can create attack scenarios by exploiting vulnerabilities in web apps. Candidates, who have experimented with a lot of scan tools and then gone about creating automated routines, utilities and models are the ideal candidate for these positions. Experience -- Some key areas of experience needed for these positions are, OWASP Model Exceptional Linux Knowledge Shell & Python Programming basics DAST/SAST/IAST/SCA/Design-Security Web and Mobile Application Architectures Web/Mobile/API/Standalone AppSec Testing Multiple Interception and Scan Tools (Dynamic & Static) Manual Code Review of Applications for Security Assessment Full Exploit Vector Execution through Penetration Testing Routines Knowledge about Vulnerable Applications for Testing Practice (Open Source) Open Source Tools for Application Security Testing (BurpSuite, NMAP, ZAP, etc.) Please apply within next three days !! Note - We are not looking We are not looking for bug bounty specialists We are not looking for people who are looking for a 9 to 5 job We are not looking for people who are in salary hunting mode We are not looking for people who want to hop around, every year
Job Title
Application Security Engineer