Lead Security Engineer - Application Security
Location
Bangalore | India
Job description
- Assess applications and products for security vulnerabilities and design flaws
- Performing Web application security testing, Mobile(Android/iOS) application security testing and Secure code review
- Interact with project teams to understand the security requirements and taking ownership of pods
- Performing Product Requirement reviews, Threat modelling, Static Code Reviews and cloud security assessments
- Evaluate security vulnerabilities and prioritise remediation efforts
- Think out of the box in building attack scenarios
- Provide technical guidance to developers on secure coding practices
- Evaluate and improve application security tools and processes
- Research latest security best practices, staying current on new vulnerabilities and threats
Knowledge and Skills Required:
- Security understanding across web, mobile and client server applications is a must
- Inclination towards learning multiple areas of security and building competency to deliver a wide spectrum of security like cloud security, devSecOps etc.
- Experience in performing automated security testing using static and dynamic scanning tools
- Experience in performing manual code reviews and penetration testing
- Knowledge of applicable industry standards, leading security practices and regulatory requirements
- Deep understanding of cryptography, authentication, authorisation, network security protocols and web application security
- Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.
- Proficient in Java programming language. Knowing python, shell scripting is add-on.
- Strong interpersonal skills as well as excellent written and verbal communication skills
- Uncompromising personal and professional integrity and ethics
- Certifications are not mandatory but skills are.
Job tags
Salary