Title: Lead Administrator
Job Description
Role Purpose
• We are looking for an Application Security Lead Analyst / Engineer with expertise in SAST, DAST, Penetration Testing, Secure Code Review, and Secure Design Review. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of the service offering.

Duties and Responsibilities
• A strong and thorough understanding of Application Security with a passion to innovate
• Strong knowledge of and experience with Vulnerability Assessment and Penetration Testing
• Strong knowledge of automating scanning and reporting for DAST/SAST solutions
• Performing Manual Secure Code Review and Secure Design Review
• Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams
• Good understanding of Java, Python, etc.
• Hands-on experience of Web Application Scanning Tools (both Open Source and Commercial)
• Knowledge of performing Threat Modeling and Application Design Reviews
• Good understanding of SSDLC and Secure Software Delivery Frameworks
• Provide guidance to development teams for remediating application security vulnerabilities
• Should have at least one professional certification, such as but not limited to CEH/Security+/eJPT or equivalent
• Good to have certifications like OSCP/eWAPTX/OSCE/CRTE/eCPTX or equivalent
Leading the functions as an individual, performing the assignments below:
• Responsible for performing and overseeing Penetration testing, SAST, DAST, Manual Secure Code Review and Secure Design Review
• Make suggestions for security improvements.
• Enhance existing methodology material
• Mentoring Junior Resources
Good to have working experience on:
• Good understanding of Cloud Security Concepts AWS/Azure
• Should have Project Management Skills (using Jira / Confluence / SNOW)