Vulnerability Researcher (Web, Android & iOS)

About Globals:

Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, ERP Systems, Predictive Analytics, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions.

Globals is certified as a "Great Place to Work" organization for its great work culture, which helps its team members manage work-life balance, gives them dedicated hours to upskill and reskill themselves, and, most importantly, ensures that the projects they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist.

Our excellence in technical stewardship and service-offering expertise has enabled our clients, ranging from individual entrepreneurs to the Fortune Global 500, to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise.

Globals is a CMMI Level 3 certified company.

About the Job Role:

As a Web, Android, and iOS Vulnerability Researcher at [SME Name], you will play a crucial role in identifying, analyzing, and mitigating security vulnerabilities across our web, Android, and iOS platforms. You will work closely with our development and security teams to ensure the safety and integrity of our applications and systems. Your expertise in discovering and reporting security flaws will be instrumental in maintaining a secure environment for our users and data.

Key Responsibilities:

  • Conduct thorough security assessments of web, Android, and iOS applications to identify vulnerabilities such as cross-site scripting (XSS), SQL injection, authentication bypass, insecure data storage, and more.
  • Perform both manual and automated security testing to identify potential weaknesses and areas of concern.
  • Utilize various testing tools and techniques to uncover vulnerabilities, including static analysis, dynamic analysis, and penetration testing.
  • Collaborate with the development team to provide guidance and recommendations for implementing security best practices and remediation strategies.
  • Document and report identified vulnerabilities with clear explanations, technical details, and suggested mitigation steps to the development and security teams.
  • Participate in security discussions, code reviews, and design reviews to proactively address security concerns during the development lifecycle.
  • Assist in the creation and maintenance of security guidelines, standards, and documentation for web, Android, and iOS development.
  • Contribute to the continuous improvement of the security posture of our applications and systems.

Requirements & Skills:

  • Minimum of 1 year of professional experience in vulnerability research, penetration testing, or related security roles.
  • Solid understanding of web application security principles, mobile application security, and common vulnerabilities.
  • Familiarity with security testing tools such as Burp Suite, OWASP ZAP, Nmap, etc.
  • Experience with Android and iOS application security assessment tools and methodologies.
  • Knowledge of programming languages commonly used in web, Android, and iOS development (e.g., Java, Kotlin, Swift, JavaScript).
  • Excellent communication skills, strong problem-solving skills and the ability to think like an attacker to uncover potential vulnerabilities.
  • Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar, are a plus.
  • Should have in-depth knowledge of OWASP Top 10 and SANS 25.
  • Should have knowledge about Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumerations (CWE).
  • Bachelor's degree in Computer Science, Information Security, or equivalent experience.