SurveySparrow
Location
Chennai | India
Job description
Senior Information Security Specialist at SurveySparrow
Location: Chennai Responsibilities Conducting vulnerability assessments of web applications, APIs and mobile (Android & iOS) applications using manual and automated methods. Working with top industry Application Security testing tools to conduct VAPT. (HCL AppScan, Checkmarx, Veracode, Burp Suite and Synopsys Seeker) Working with code analysis (SAST, DAST, IAST) tools and demonstrating a POC of the identified exploit. Implementing and designing automated security checks within the CI/CD. Responding to client security concerns, answering security queries via call, and preparing documents Responsible for handling RFP and RFQ of customers efficiently, ensuring compliance and meeting client requirements. Performing internal audits for security compliance and taking the lead in external security audits, with a focus on supporting various security aspects, including ISO 27001 and SOC 2 Type 2. Modify and update existing SurveySparrow documentation to align with industry standards, best practices, and regulatory requirements such as ISO 27001, SOC 2, GDPR and HIPAA Conducting various security training and presentations for employees to enhance their knowledge and awareness of information security. Working closely with Dev, QA, and Infra teams to analyse, diagnose and resolve security flaws. Qualifications and Skills Bachelor’s computer science degree with 3 to 5 Years of relevant experience Security Certifications are preferred, not mandatory. Having a good knowledge of OWASP Top 10, SANS Secure programming, Security Engineering Prior experience in programming languages (e.g., Ruby, Java, Swift, JavaScript) and CI/CD tools (e.g., Jenkins) Strong Understanding of AWS infrastructure and security. Relevant security certifications, such as CISSP, CISA, CISM, CEH, or OSCP, are preferred. Holding an ISO 27001 Lead auditor or implementation certification is preferred and not necessarily required Strong Understanding of information security principles, best practices, and regulatory requirements. Good interpersonal and communication skills, with the ability to interact proactively with employees and leadership at all levels. Highly organized and able to thrive in a fast-paced environment. Attention to detail and ability to effectively document security policies and procedures. Previous experience in security assessments and reporting vulnerabilities is preferred. If you are a motivated individual looking to contribute to a dynamic and innovative company and possess the skills and qualifications mentioned above, we encourage you to apply.Job tags
Salary
