Penetration Tester|| Application Security Enginer

$15-25 USD / hour

Đã đóng

Đã đăng vào

3 tháng trước

$15-25 USD / hour

I'm seeking an experienced penetration tester to perform a full-scope test on my web application. An intricate understanding of web applications and their vulnerabilities is crucial. Your responsibilities would include: - Identifying vulnerabilities within my web app - Suggesting and implementing proper security measures - Ensuring all functionalities and components are secure • Developed secure SDLC policies and standards for Web apps. Built Application Security (AppSec) program from scratch. • Perform Internal and external penetration tests against systems to identify vulnerabilities. • Collaborate with the application development teams and develop test cases, which can check the security of applications, databases and authentication mechanisms. • Experience using a wide variety of security tools to include Kali-Linux, Checkmarx CxSAST, CxIAST, Burp Suite Pro, Wireshark, Nmap, Nessus, Metasploit, and Nexpose. • Involved in implementing and validating the security principles of minimum attack surface area, least privilege, secure defaults, avoiding security by obscurity, keep security simple, Fixing security issues correctly. Strong knowledge in Manual and Automated Security testing for Web Applications. • Automation of security scanning process (DevSecOps) into the build environment with CI/CD pipeline using Codefresh, Maven, Gradle, GitHub tools. • Participate in security testing to include source code Analysis, dynamic application security testing using open source and commercial tools. • Performed APP code reviews, attesting compliance with the PCI-DSS security requirements. • Reviewing Java and .Net programming language for security vulnerabilities. • Perform analysis on test results and recommends remediation necessary. • Worked on security protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP and NFS on implementation, maintenance and monitoring. • Create and maintain all the needed Security Center Dashboards. • Working knowledge of OWASP Top 10 and SANS Top 25 software guidelines, Federal Financial Institutions Examination Council’s (FFIEC) regulations, including Payment Card Industry (PCI-DSS), and HIPAA. • Performed security Risk analysis and gap analysis. • Analyzed the results of penetrations tests, design reviews, source code reviews and other security tests. • Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. • Reviewed AWS Web Application Firewalls (WAF) and configured the rules and conditions to detect security vulnerabilities in the Cloud Front. • Performed Continuous Integration (CI) and Continuous Delivery (CD) of SAST scans using Checkmarx. • Performed Source Code repositories (GitHub), AWS IAM Roles, Users, Groups and Policies security assessments in order to build secure environment. • Decided on what to remediate and what to risk accept based on security requirements. • PCI-DSS Compliance Audit experience on controls like User access management, Change Management, Incident Management. • Good Experience in exploiting the recognized vulnerabilities. • Participate in the development of IT risk assessments for enterprise applications. The PCI, NIST framework has been utilized for IT risk assessments. Experience in application security engineering and security engineering would be advantageous but is not mandatory. I'm looking forward to hearing strategies or methodologies you would implement to provide a robust security layer to my application.

Mã dự án: 37822353

Về dự án

29 đề xuất

Dự án từ xa

Hoạt động 1 tháng trước

Bạn muốn kiếm tiền?

Địa chỉ email

Lợi ích khi chào giá trên Freelancer

Thiết lập ngân sách và thời gian

Nhận thanh toán cho công việc

Phác thảo đề xuất của bạn

Miễn phí đăng ký và cháo giá cho công việc

29 freelancer chào giá trung bình $25 USD/giờ cho công việc này

@tangramua

Dear akramsrdev, We carefully studied the description of your project and we can confirm that we understand your needs and are also interested in your project. Our team has the necessary resources to start your project as soon as possible and complete it in a very short time. We are 25 years in this business and our technical specialists have strong experience in Linux, Web Security, Testing / QA, Internet Security, Web Application and other technologies relevant to your project. Please, review our profile https://www.freelancer.com/u/tangramua where you can find detailed information about our company, our portfolio, and the client's recent reviews. Please contact us via Freelancer Chat to discuss your project in details or let's appoint time for Zoom meeting to meet and discuss your project in details. Best regards, Sales department Tangram Canada Inc.

$35 USD trong 5 ngày

4,9

(99 nhận xét)

7,4

@srmukul2

As an extensively experienced and certified Penetration Tester, I am adept at delivering full-scope tests on web applications that identify vulnerabilities and propose robust security measures to strengthen your environment. Throughout my career, I have diligently developed secure SDLC policies and standards for web apps. In addition, I have built an Application Security (AppSec) program from scratch which magnified my capabilities in identifying risk areas and providing effective countermeasures. Moreover, I offer a diverse skill set comprising manual and automated security testing for Web Applications using widely recognized tools such as Wireshark, Nmap, Nessus and Nexpose. My hands-on experience with BurpSuite Pro and Metasploit will be invaluable in exposing any potential weaknesses within your web application. Furthermore, my familiarity with OWASP Top 10 guidelines along with SANS Top 25 software principles reflects a deep understanding of widespread threats and best remedial practices. I have also worked on cloud platform security like AWS; securing applications deployed in Cloud by reviewing AWS WAF configurations among others. Overall, I'm well-prepared to meet this project's demands and ensure the development of a highly robust security layer for your application. Let's make sure your web app is fortified to withstand any potential attacks together!

$40 USD trong 40 ngày

5,0

(58 nhận xét)

7,1

@AhmadSameer

Hey there, I have been in Cyber Security for years. I had conducted tons of Penetration Testing projects. I can perform a full-scope test on your web application. I can fulfill the mentioned responsibilities. I have the required skills and experience. Regards!

$30 USD trong 40 ngày

4,9

(55 nhận xét)

6,1

@leadconcept

Good day, May I request you to please share link of your existing website? Let me look at it and we can then go from there and give you our firm bid. We have creative UI/UX Designers & experienced Developers team working on different tech stacks, so we will provide you quality services with 5 months FREE support and longterm relationship guarantee. For quick response & one-on-one communication, you may click on the chat button, as I am online most of the time. Look forward to hearing from you. Regards, Yasir LEADconcept

$20 USD trong 40 ngày

5,0

(2 nhận xét)

5,2

@LiveExperts

Hi there,I'm biddin on your project "Penetration Tester|| Application Security Enginer"Web Security, Web Application, Internet Security, Linux and Testing / QA I'm seeking an experienced penetration tester to perform a full-scope test on my web application I have read your project description and i'm a Professional Engineer therefore i can do this project for you perfectly.I still have a few questions. please leave a message on my chat so we can discuss the budget and deadline of the project. Thanks. .. .

$50 USD trong 783 ngày

5,0

(4 nhận xét)

4,4

@rupa37

Having spent over a decade and a half working in IT and network security, I have gained significant expertise in Linux-based system administration and the deployment of secure web applications. My thorough skill set includes the use of numerous security tools such as Kali-Linux, Wireshark, Nessus and Nmap, which I bring to bear in finding vulnerabilities quickly and effectively. Not only can my experience help identify problem areas, but it also informs strategic recommendations for implementing comprehensive security measures. Translating this knowledge into everyday operations is crucial. Therefore, I am well-versed in the automation of security scanning processes like DevSecOps to deliver a seamless CI/CD pipeline using Codefresh, Maven, Gradle, GitHub tools. Moreover, I apply stringent SDLC policies that adhere to recognized risk management frameworks like PCI-DSS and NIST to promote robust security practices throughout the development cycle.

$20 USD trong 40 ngày

4,8

(7 nhận xét)

3,9

@stoicmehedi

We are experienced cybersecurity professionals eager to conduct a thorough penetration test on your web application. Our approach involves comprehensive assessment, security measure implementation, collaboration with your team, and utilization of cutting-edge tools like Kali-Linux, Checkmarx, Burp Suite Pro, and Metasploit. We ensure compliance with industry standards and cloud security expertise. With a strategic methodology, we aim to fortify your application against cyber threats. Thank you for considering our proposal.

$20 USD trong 40 ngày

5,0

(6 nhận xét)

3,3

@anguhari

Hi There!, I have 4+ years of experience in penetration testing including Web Application penetration testing; System Application penetration testing; Mobile application penetration testing; Network application penetration testing; social engineering penetration testing etc. Follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS etc to perform penetration testing : Web Application Testing : Perform both manual and automated penetration testing for vulnerabilities like SQL injection, Cross-site scripting(XSS), Cross-site request Forgery(CSRF), Code injections, Authentication Bypass, Access Violation, Remote File inclusion(RFI),Local File Inclusion(LFI) etc. Network Testing: Provide Network Penetration Testing so that your Network Infrastructure is secured from the real attacks. Perform both manual and automated network penetration testing to identify network security threats in your network. I can assure you that I will be an ideal candidate for what you are looking for. Please out to me for further discussions. Thank you Angu Prasad

$20 USD trong 40 ngày

4,5

(3 nhận xét)

2,4

@manishshah1981

Hello I saw your post regarding Penetration Tester|| Application Security Enginer As I have very Good Team of QA who are highly expert and have experience Range from 1 to 10 Years of Experience multiple Resources who can help to Achieve Best Quality Output I will be happy to assist you and wish to work for Long Term Relationship If you are looking for professional work at an affordable budget, I consider my team as best. Let's have a more detailed conversation over chat. Thanks

$20 USD trong 40 ngày

5,0

(4 nhận xét)

2,3

@toku3906

***❤❤❤***Hello Mate!Greetings , Good evening! I am an expert mobile computer programmer with skills including Testing / QA, Linux, Web Security, Web Application and Internet Security. Please contact me to discuss more regarding this project. Thank you for your attention

$50 USD trong 33 ngày

0,0

(0 nhận xét)

0,0

@AITSoft

Hi, How are you? I just saw your job posting and I felt that I can help you with this job considering the experience I have with Internet Security, Web Application, Web Security, Testing / QA and Linux. Please check my portfolio: https://www.freelancer.com/u/AITSoft Regards, Shamshad

$25 USD trong 33 ngày

0,0

(0 nhận xét)

0,0

@rishbh7777

I am a professional penetration tester with over 3 years of experience in this field. I Have detected critical Vulnerabilities like SQL Injection, XSS, LFI and other know vulnerabilities in the web application. I also have experience in conducting vulnerability analysis on linux and windows server running over static ip. Consider texting me for further discussion.

$20 USD trong 40 ngày

0,0

(0 nhận xét)

0,0

@sakshi359

I am a professional cyber security software expert. I can complate the work with in target time project. Target achive in time set of the day..

$20 USD trong 40 ngày

0,0

(0 nhận xét)

0,0

@bhashit1

Hello! I'm Bhashit, a professional Cyber Security Specialist. Your post caught my attention, as I specialize in penetration testing, generating high-quality reports, and offering vulnerability recovery suggestions. After reviewing my calendar, I'm ready to start immediately and assist with VAPT reports. Regarding the job post, I can conduct VAPT for Network security, Web application security, and Mobile application security, as well as assist with compliance. I aim to close the project efficiently and help mitigate issues with developers. My approach to security assessments involves two pillars: Technical discovery and coverage. I use a mix of automated and manual approaches to ensure thorough Vulnerability Assessments. I also utilize a blend of community and commercial pen-testing software like Nessus, Burp Suite, Metasploit, etc correlating them for optimal results. I'm available to start right away. I've completed numerous VAPT projects with 5-star ratings and excellent feedback. With my experience, I can complete tasks efficiently. Your data security is paramount, and as a highly trusted cyber security specialist, I have a strong track record. Additional services I offer include VAPT reports, ISO 27001, ISO 27701, and VAPT with CISA attestation (Recognized worldwide). If needed, I can share my CV for a better understanding of my profile. Looking forward to potentially collaborating with you. Regards, Bhashit Pandya

$30 USD trong 20 ngày

0,0

(0 nhận xét)

0,0

@rahmanmatin13

Having analyzed your project, we understand your requirements and can materialize your dream project into reality through our expertise. As per your requirements, we have proposed an initial timeline & budget and anticipate discussing the project with you soon. We are a leading software development company that has completed more than 411 projects all over the world and won prestigious awards on an international and national scales. We have multiple offices and clients worldwide. Providing simple solutions and support to scale your business. Following list provides a snapshot of our skills: Front end : JavaScript, AngularJs, jQuery, ReactJs, HTML, CSS 3,jQuery, Web Design, Graphics design, Application Design Back end : Python, Java, Node.JS, PHP Frameworks : Django, Spring, Laravel, Zend, Yii Mobile : Swift, Android, Flutter CMS : Wordpress, Magento,Opencart, Prestashop, Shopify Server Management: AWS, Google Cloud, Namecheap, Goddady DevOps : Docker, Jenkins Database : MySQL, Postgres, MongoDB Full Stacks : Django-React/Angular-Mongo/Mysql/Postgres, Srping-Angular/React-Mongo/Mysql/Postgres, Laravel-React/Vue/Angular-Mongo/Mysql/Postgres We have 118+ experienced Engineers who are experts in Web Development, App Development, Software Development, UI/UX Design and more. You can learn more about our services by visiting our profile. Thanks Matin Ur R. CTO

$22 USD trong 40 ngày

0,0

(0 nhận xét)

0,0

@Nassimchaaami

With my extensive experience in penetration testing and a strong background in web application security, I am well-equipped to fulfill your requirements. I have a proven track record of identifying vulnerabilities, implementing security measures, and ensuring the robustness of web applications. My expertise includes developing secure SDLC policies, conducting internal and external penetration tests, collaborating with development teams to develop test cases, and using a wide variety of security tools such as Kali-Linux, Burp Suite Pro, and Nessus. Furthermore, I am familiar with OWASP Top 10, SANS Top 25, PCI-DSS, and HIPAA guidelines, and have experience in AWS Cloud security implementation. I am eager to discuss further strategies and methodologies to enhance the security of your web application. Thank you for the opportunity, and I look forward to the possibility of working together.

$20 USD trong 40 ngày

0,0

(0 nhận xét)

0,0

@valterdione

With a hybrid Agile methodology and I do have experience on such tools and frameworks. 1) Gather requirements 4h 2) Design As-Is 8h (current architecture) 3) Define To-Be 16h (target architecture) 4) Implement solutions 40h-50h 5) Reporting and documentation 8h

$20 USD trong 12 ngày

0,0

(0 nhận xét)

0,0

@Sajjad5121472

I have 10 years of experience in the field of Information Security. Following are my roles and responsibilities: Network (infra) vulnerability assessment and penetration testing. Web application vulnerability assessment and penetration testing Web services vulnerability assessment and penetration testing Thick client penetration testing Mobile application security testing (Android) Configuration auditing of devices Network architecture review Risk assessment Security and change release management.

$20 USD trong 30 ngày

0,0

(0 nhận xét)

0,0

@Thiruumalesh

Dear Sir/Madam, I have a extensive experience performing web application security testing, I am confident that I bring the right blend of skills to secure your web application. Having worked with penetration tools like Kali-Linux, Burp Suite Pro, and more, I am well-versed in identifying and mitigating a wide range of security vulnerabilities. Not only can I suggest and implement proper security measures, but I have also developed secure SDLC policies and standards for web applications, gaining a deep understanding of securing individual functionalities as well as holistic security. What sets me apart is my comprehensive knowledge of industry guidelines like OWASP Top 10, SANS Top 25 and compliance standards such as PCI-DSS which is crucial for web security. Furthermore, automation of security scanning process (DevSecOps) into the build environment with CI/CD pipeline using Codefresh, Maven, Gradle, Github ensures that the security process is streamlined and up-to-date. My certifications like CEHv9 and ECSAv10 along with my continuous assessments of recognized vulnerabilities equip me to leave no stone unturned in securing your application.

$20 USD trong 40 ngày

0,0

(0 nhận xét)

0,0

@janumejia180599

Hello, I'm an experienced penetration tester and can offer my expertise for your project. I have conducted penetration tests on web and mobile applications for various companies, including those in the financial and aviation sectors. Additionally, I hold certifications that validate my skills, such as eWPT, eJPT, and CAP. If you're interested in my services, please let me know.

$15 USD trong 40 ngày