Application Security Engineer
Piramal Capital & Housing Finance Limited
Location
Mumbai | India
Job description
Job Overview:
Application Security Engineer would be responsible for performing Application/API security assessments, secure code reviews and Vulnerability Assessment & Penetration Testing (VAPT) for PCHFL assets. Individual shall work closely with Information Security team, application developers, product managers and third-party vendors to ensure security of PCHFL products.
Qualification:
Graduate (BSc. IT, BE) with experience in Application Security assessment and VAPT
Experience Required:
- Candidate must have extensive experience in web, desktop and mobile application security assessments, API security assessments and secure code review
- Candidate must be able to perform Vulnerability Assessment and Penetration testing on network and infrastructure
- Candidate must be able to prepare detailed testing reports outlining vulnerabilities, corresponding impact and recommendations for remediating the identified vulnerabilities
- Candidate must be able to actively collaborate with development teams to provide POC support and guidance on remediation of identified vulnerabilities and issues
- Candidate must also be able to identify and address business logic flaws with technology and business teams
- Candidate should be able to perform application threat modelling
- Candidate must have strong understanding of application security fundamentals, frameworks and tools used for AppSec, VAPT and Secure Code reviews
- Candidate must have in depth knowledge of common web application and API vulnerabilities such as OWASP Top 10, SANS Top 25, etc.
- Candidate should understand concepts of Secure Software Development Lifecycle, DevSecOps and CI/CD pipelines
- Candidate should have basic knowledge on security test case automation and scripting would be preferred
- Candidate should have experience in managing vulnerability management programs to ensure timely remediation of identified vulnerability
- Candidate should be able to prepare management dashboards on key AppSec and VAPT trends across the Organization
- Candidate should assist in performing comprehensive risk assessment for key applications and products.
Experience Required:
- At least 2 Years of experience in Cyber Security
- Security certifications such as OSCP, ECSA, CEH will be preferred
- Ability to stay updated with emerging threats, security risks and potential impacts to the business Understanding of cyber security standards and best practices applicable to the Financial Services industry
- Strong verbal and written communication
- Should be able to contribute independently and in a team.
Job tags
Salary