Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Oil & Gas Jobs |
Banking Jobs |
Construction Jobs |
Top Management Jobs |
IT - Software Jobs |
Medical Healthcare Jobs |
Purchase / Logistics Jobs |
Sales |
Ajax Jobs |
Designing Jobs |
ASP .NET Jobs |
Java Jobs |
MySQL Jobs |
Sap hr Jobs |
Software Testing Jobs |
Html Jobs |
Job Location | Pune |
Education | Not Mentioned |
Salary | Not Disclosed |
Industry | BPO / Call Center |
Functional Area | General / Other SoftwareGeneral / Operations Management |
EmploymentType | Full-time |
Perform design consultation, architecture review, threat modeling, code review, and testing. Assist in the development of test cases, scripts, procedures, and tooling for QA security testing. Perform application vulnerability assessments Analyze output from security tooling and provide guidance to drive remediation Assess SDLC processes and provide guidance on increasing security review coverage Identify toolsets and vendors, drive adoption and implementation Consult with development and QA staff to remove false positives and prioritize remediation based on security scanning tools output. Perform tasks related to securing - and maintaining the security of - products, tools, and processes in R&D and DevOps Education: Bachelor s Degree in Computer Engineering, Computer Science, or Information Systems Management. Will consider work experience in lieu of or supplementing formal education. Minimum years of work experience: 5 years experience in application security + 3 - 5 years software development experience (development or QA) Required skills: In - depth knowledge of IT organization end - to - end areas and functions Understanding and familiarity with common code review methods and standards Knowledge of secure coding patterns and pitfalls in multiple languages (Java, . NET, C++, Python ;) Knowledge of secure configuration patterns for middleware and OS platforms (Tomcat, JBoss, Weblogic; common relational and NoSQL dbs; Windows, Linux, iOS, Android, Azure and AWS Cloud infrastructure) Demonstrated experience providing security review of web applications, mobile applications, thick clients, web APIs (REST, SOAP) , AuthZ/ AuthN protocols and technologies, and cryptography Experience with static analysis and dynamic analysis tools Experience with offensive security tools and methodologies Penetration testing experience, especially at the application level Familiarity with development and test toolsets (source code control, build systems, test automation, ticketing systems) Knowledge of OWASP tools and methodologies (Top 10 2013, 2017) Knowledge of standard SDLC practices and security touchpoints in Agile, DevOps, waterfall processes Experience with application security requirements of HIPAA, PCI and ISO 27000. Preferred skills: Solid understandings of security on networks, hardening, patch management, pen testing, vulnerability testing, Windows systems, open systems, applications, and web and public facing systems. Azure / AWS Cloud architecture related to application security a must. Knowledge of analytic and monitoring tools (ElasticSearch, LogStash, and Kibana (ELK) and/ or Splunk, Sumologic) Ability to code python Expertise with Veracode, Rapid7 Nexpose, Whitehat or other vulnerability scanners communication skills.
Keyskills :
networkingestcaseswindowssystemadministrationsecuritytoolstestautomationpenetrationtestingcodereviewcustomerrelationsthreatmodeling