ETS
Location
Delhi | India
Job description
Position Summary: We are looking for a seasoned Application Security Lead Analyst to join our team. As an Application Security Analyst, you will work as a consultant to our product development staff, ensuring the security of our applications throughout their lifecycle. Your role will be to identify potential vulnerabilities, suggest mitigation strategies, and support the development team in implementing these strategies. In addition, you will be responsible for creating and maintaining a Security Champion program to educate and guide our application developers in security best practices.
Responsibilities: 1. Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications. 2. Utilize Software Assurance Maturity Model (SAMM) to evaluate and improve the security of software development processes. 3. Continuously manage vulnerabilities by identifying, classifying, prioritizing, and mitigating them effectively. 4. Familiar with OWASP methodologies and incorporate them into security practices. 5. Work closely with product development teams to ensure secure coding practices are followed. 6. Educate application developers about application security to raise awareness and build a Security Champion program. 7. Leverage threat modeling for applications to identify potential threats and suggest suitable mitigation strategies. 8. Provide expert advice on the selection and implementation of appropriate security software tools. Knowledge and Skills: • Proficiency in programming languages such as Java, Python, C++, or others commonly used in application development. • Knowledge of security technologies, application design and coding practices, remediation techniques, secure coding standards/DevOps methodologies. • Proficiency with MACOS, Windows, Linux • Knowledge of Full Stack development processes and protection mechanisms is a plus • Understanding of patch management, firewalls, antivirus, and IDPS concepts. Education and Experience: • 3-5 years Application Security Experience • Team management skills are preferred. • Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent experience. • Proven experience as an Application Security Analyst or similar role. • In-depth knowledge of SAST, DAST, IAST, and SAC. • Knowledge of Gitlab Ultimate and other relevant security tools. • Familiarity with OWASP methodologies and application security vulnerabilities. • Experience in threat modeling and risk assessment. • Exceptional ability to educate and guide application developers in security best practices. • Excellent communication, presentation, and interpersonal skills. • Relevant certifications like CISSP, CSSLP, GWAPT, or GWEB will be a plus.Job tags
Salary
