| Hyderabad Jobs |
| Banglore Jobs |
| Chennai Jobs |
| Delhi Jobs |
| Ahmedabad Jobs |
| Mumbai Jobs |
| Pune Jobs |
| Vijayawada Jobs |
| Gurgaon Jobs |
| Noida Jobs |
| Hyderabad Jobs |
| Banglore Jobs |
| Chennai Jobs |
| Delhi Jobs |
| Ahmedabad Jobs |
| Mumbai Jobs |
| Pune Jobs |
| Vijayawada Jobs |
| Gurgaon Jobs |
| Noida Jobs |
| Oil & Gas Jobs |
| Banking Jobs |
| Construction Jobs |
| Top Management Jobs |
| IT - Software Jobs |
| Medical Healthcare Jobs |
| Purchase / Logistics Jobs |
| Sales |
| Ajax Jobs |
| Designing Jobs |
| ASP .NET Jobs |
| Java Jobs |
| MySQL Jobs |
| Sap hr Jobs |
| Software Testing Jobs |
| Html Jobs |
| Job Location | Bangalore |
| Education | Not Mentioned |
| Salary | Not Disclosed |
| Industry | IT - Software |
| Functional Area | Application Programming / Maintenance |
| EmploymentType | Full-time |
Dear candidates,Greetings,Profile:Java Application SecurityWork Location:BangaloreExperience:8 to 12 yearsExperience in Web Application Security with hands on exp in Application Development like [Java, Javascript, C/C++, Python, Ruby, Perl]Any 1 tool is mandatory: Metasploit, w3af, Blackduck, Veracode & burp suite.Primary and Secondary Skills Requirements:1. Primary Skills: Development language - Java development, Javascript, Python, Ruby,C++/C#, PerlApplication Security etc2. Secondary Skills: Security penetration testing tools - Metasploit, w3af, Blackduck, Veracode & burp suite (any one or two)3. Other Skills: Jenkins,Pivotal tracker, Cloud Foundry ,AWSJob Description1. CEH, CSSLP, or CISSP, GSEC, GIAC, GPEN, SDLC certification preferred.2. Must have strong business acumen with ability to work with application development, QA and security teams.3. A strong understanding of application security frameworks4. Thorough knowledge of the OWASP Top 105. Must have a solid understanding of application security code reviews and penetration testing.6. 10+ years experience in application development and security.7. Practical understanding and use of commercial application security tools8. Must be fluent in write technical reports based on findings.9. Highly proficient with development languages including Java, Groovy, Ruby, C,C++, Python.10. Strong self-starter who has the ability to operate independently.11. Good understanding on Networking concepts.12. Solid understanding and experience with establishing application security policies across an organization.13.Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership; proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement and performance.14. Understanding and passion for Agile/XP/Scrum/Kanban15. Understanding of Test Driven Development built on User Stories16. Understanding of Continuous Integration/Testing/Delivery17. Expert in Metasploit, Burp Suite, Fuzzing, Gaunlt, and Jenkins is preferred18. Exposure on Veracode, BlackDuck and etc.,,The Application Security Engineer will be responsible for integrating security into the development of Allstates applications. The Application Security Engineer will work closely with the product and software development team to threat model, vulnerability scan, and pen test the early software, system, and network architecture and identify required control points in the application stack. The Application Security Engineer will also work closely with developers to diagnose, document, and remediate application security vulnerabilities. The Application Security Engineer will also be responsible for evaluating, recommending, and implementing application security related software in an automated continuous integration/deployment environment.Key responsibilities:1. Work closely with application development and QA teams to help formulate and implement a strategy for software security that is tailored to the specific risks facing the organization, including threatmodeling and applications security advisement services.2. Develop and maintain a balanced application security program based on a well-defined application security framework3. Conduct application security assessments / penetration tests and implement tools for dynamic/automated code reviews4. Ensure application design and implementation best-practice with role-based and appropriate access standards, as well as integration with Identity and Access Management environments.5. Ensure compliance with society, regulatory, and industry standards for application security.6. Continuously evaluate the organizations existing application security practices, define and measure security-related activities, and demonstrating concrete improvements to the application assurance program within the organization.7. Provide secure application development training to developers and provide guidance on the development of web-based training for ongoing awareness.8. Conduct source code reviews and penetration testing9. Develop and maintain unit and integration tests designed to ensure security controls are tested on every buildIf interested pls specify the skill set in the subject line & provide the following details along with a copy of your resume onHarihara@affluentgs.comCurrent CTCExpected CTCNotice PeriodCurrent LocationRegards,Team HR
Keyskills :
rubycloud foundryc++perlawspythonjenkinsjavascriptjava application security