Job role:
. Leading a team that performs Application Security Testing, Server Configuration Audits and Vulnerability Assessments
. Ensuring that VAPT for existing applications/systems is performed as per policy, tracking the compliance status, and following up with application/system owners for closure of the security findings.
. Releasing VAPT dashboards and reports periodically to management and relevant stakeholders, including the internal and external auditors.
. Managing the end-to-end application security lifecycle.
. Working closely with the application development teams during the initial phase of a project to identify gaps in the process and application security architecture that can be mitigated during the development phase itself.
. Perform impact analysis on all application updates, and provide recommendations for applying them effectively.
. Scheduling of applications for audits, following up with application owners for details, tracking closures of the findings etc.
. Co-ordinating and supporting the vendor for external penetration testing activities.
. Carrying out Risk Assessment for process & product before go-live.
. Explain and articulate effectively the Risk/Vulnerabilities and weaknesses as per the OWASP Top 10, WASC, CWE 25 and other known security standards to any audience and discuss effective defensive techniques.
. Conduct ongoing secure coding/developer trainings for existing and new recruits in the application development team.
Job Requirements:
. Bachelor’s Degree in any discipline
. 3-6 years of experience with at least 3 years in Information Security
. Good analytical, communication and presentation skills.
. Ability to learn and quickly grasp new technologies
. Industry-standard certifications like CEH, OSCP, CISSP, CISM would be an added advantage.