Lead Security Engineer - Application Security

Location

Bangalore | India

Job description

• Assess applications and products for security vulnerabilities and design flaws
• Performing Web application security testing, Mobile(Android/iOS) application security testing and Secure code review
• Interact with project teams to understand the security requirements and taking ownership of pods
• Performing Product Requirement reviews, Threat modelling, Static Code Reviews and cloud security assessments
• Evaluate security vulnerabilities and prioritise remediation efforts
• Think out of the box in building attack scenarios
• Provide technical guidance to developers on secure coding practices
• Evaluate and improve application security tools and processes
• Research latest security best practices, staying current on new vulnerabilities and threats

Knowledge and Skills Required:

• Security understanding across web, mobile and client server applications is a must
• Inclination towards learning multiple areas of security and building competency to deliver a wide spectrum of security like cloud security, devSecOps etc.
• Experience in performing automated security testing using static and dynamic scanning tools
• Experience in performing manual code reviews and penetration testing
• Knowledge of applicable industry standards, leading security practices and regulatory requirements
• Deep understanding of cryptography, authentication, authorisation, network security protocols and web application security
• Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.
• Proficient in Java programming language. Knowing python, shell scripting is add-on.
• Strong interpersonal skills as well as excellent written and verbal communication skills
• Uncompromising personal and professional integrity and ethics
• Certifications are not mandatory but skills are.

Job tags

Salary