Piramal Capital & Housing Finance Limited
Location
Mumbai | India
Job description
Job Overview: Application Security Engineer would be responsible for performing Application/API security assessments, secure code reviews and Vulnerability Assessment & Penetration Testing (VAPT) for PCHFL assets. Individual shall work closely with Information Security team, application developers, product managers and third-party vendors to ensure security of PCHFL products.
Qualification: Graduate (BSc. IT, BE) with experience in Application Security assessment and VAPT Experience Required: Candidate must have extensive experience in web, desktop and mobile application security assessments, API security assessments and secure code review Candidate must be able to perform Vulnerability Assessment and Penetration testing on network and infrastructure Candidate must be able to prepare detailed testing reports outlining vulnerabilities, corresponding impact and recommendations for remediating the identified vulnerabilities Candidate must be able to actively collaborate with development teams to provide POC support and guidance on remediation of identified vulnerabilities and issues Candidate must also be able to identify and address business logic flaws with technology and business teams Candidate should be able to perform application threat modelling Candidate must have strong understanding of application security fundamentals, frameworks and tools used for AppSec, VAPT and Secure Code reviews Candidate must have in depth knowledge of common web application and API vulnerabilities such as OWASP Top 10, SANS Top 25, etc. Candidate should understand concepts of Secure Software Development Lifecycle, DevSecOps and CI/CD pipelines Candidate should have basic knowledge on security test case automation and scripting would be preferred Candidate should have experience in managing vulnerability management programs to ensure timely remediation of identified vulnerability Candidate should be able to prepare management dashboards on key AppSec and VAPT trends across the Organization Candidate should assist in performing comprehensive risk assessment for key applications and products. Experience Required: At least 2 Years of experience in Cyber Security Security certifications such as OSCP, ECSA, CEH will be preferred Ability to stay updated with emerging threats, security risks and potential impacts to the business Understanding of cyber security standards and best practices applicable to the Financial Services industry Strong verbal and written communication Should be able to contribute independently and in a team.Job tags
Salary
