Lead , Information Security

  • 12-18 yrs
  • Not Disclosed

Job Description

Role , Security LeadThis role works in close collaboration with all members of the Application Security team and is fully integrated within the Information Security process.Desired Anchor attributes :KEY RESPONSIBILITY:, Expertise in web application penetration testing and web services (API) penetration testing , mobile application security testing, Experienced in vulnerability Assessments using Automated Scanners such as Nessus,Qualys and Manual Security Testing Kali Linux , Metasploit and other infrastructure security testing tools, Experience with application architecture reviews, Threat modelling, Static Code Reviews and cloud security assessments, Ability to interact with project teams to understand the security requirements and come up with solutions, Knowledge on OWASP Top 10 and SANS Top 25 and ability to map the vulnerabilities identified against the standards, Familiarity with web application vulnerability scanners (Acunetix ,HP Web Inspect,HCL AppScan etc and with source code analysis tools (Fortify,Checkmarx,Vera code,Klocworks), Experience in using manual VAPT tools like Burp suite,ZAP,CSRF Tester etc., Good client interaction and presentation skills, Experience in Security Pre,Sales and ability to handle a team would be a plus, Should be able to train team members in appsec activitiesDESIRED SKILL :, Good understanding of secure software development lifecycle processes across technologies., Differentiate between classic security services and cloud security services, Ability to communicate with the project teams and explain the vulnerabilities identified, Understanding of DevSecOps , CI,CD Integration and Agile Security testing methodology, Programming or scripting skills like Java, python, batch scripts, power shell, java scripts etc, Knowledge on network architecture reviews would be helpful, Experience testing applications and services on the cloud (AWS preferred)