Professional hands-on experience in vulnerability assessment and penetration testing activities, especially applications such as web, mobile and thick clients. In-depth knowledge of secure software development lifecycle (SDLC) and OWASP resources. Experience with the OWASP Top 10 and SANS CWE Top 25. Excellent understanding about WAF and bypassing techniques. Experience in conducting manual application security code reviews. Experience with static application security testing (SAST) tools like SonarQube, Fortify, CheckMarx, etc. Experience with dynamic application security testing (DAST) tools like Burp Suite Enterprise, Invicti, Accunetix, etc. Experience in conducting mobile application security testing for Android and IOS platforms. Excellent presentation skills to be able to offer consulting or assistance to developers and IT teams. Proficiency in application security testing tools and frameworks such as OWASP ZAP, Burp Suite, Frida, Objection, etc.